Comment on Security and docker

Lemongrab@lemmy.one 6 months ago

Docker/Podman and LXC Linux containers share the same kernel with the host machine. Root in the container is root, period. With an exploit to escape the container (which are common) the malicious program has root on the machine. This is a known attack vector against Linux containers. VMs are much better for isolating untrusted software from the host OS.

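A host-side check related to the comment above, added here as an example and not part of the original comment: it parses a process's `/proc/<pid>/uid_map` and reports whether UID 0 inside the container is UID 0 on the host. The function names and the two sample maps are constructed for illustration.

```python
"""Report whether UID 0 in a container's user namespace is UID 0 on the host."""
from pathlib import Path

# Constructed samples of /proc/<pid>/uid_map contents (not captured output).
SHARED_ROOT_MAP = "         0          0 4294967295\n"           # no UID remapping
REMAPPED_ROOT_MAP = ("         0       1000          1\n"        # root -> UID 1000
                     "         1     100000      65536\n")       # 1.. -> 100000..


def parse_uid_map(text):
    """Return (inside_start, outside_start, length) tuples, one per map line."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        entries.append(tuple(int(f) for f in fields))
    return entries


def outside_uid_for(inside_uid, entries):
    """Translate a UID inside the namespace to the outside UID, or None if unmapped."""
    for inside, outside, length in entries:
        if inside <= inside_uid < inside + length:
            return outside + (inside_uid - inside)
    return None


def root_is_host_root(text):
    """True when UID 0 inside the namespace maps to UID 0 outside it."""
    return outside_uid_for(0, parse_uid_map(text)) == 0


def check_pid(pid="self"):
    """Read the map for a PID. Run this on the host against the container's
    init PID, so the second column is expressed as host UIDs."""
    return root_is_host_root(Path(f"/proc/{pid}/uid_map").read_text())


if __name__ == "__main__":
    for name, sample in (("shared", SHARED_ROOT_MAP), ("remapped", REMAPPED_ROOT_MAP)):
        print(f"{name}: container root is host root -> {root_is_host_root(sample)}")
    if Path("/proc/self/uid_map").exists():
        print(f"this process: {check_pid()}")
```

A result of `True` for a container's init process means a process that escapes the container as UID 0 is also UID 0 on the host.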