Best security practices with Docker HA

This post has some ideas

I run the container version of Home Assistant, and I run it as root under my normal Linux user. I’ve wondered if this is ok, and I’m sure there are better options to secure it, but I’ve focused more on securing remote access, and securing ssh as much as possible. I use Portainer and make sure that is only exposed over the secure wireguard vpn. I use host networking to not have issues with discovery, but I don’t run the container in privileged mode; it shouldn’t need this. Developers added that to the documentation to make it easier to map a zigbee stick for zha, but the device flag to map the usb is better. If you’re not using zha, there’s definitely no reason for privileged mode. Using privileged mode really overrides all the security normally built into docker. Here’s a link to additional docker documentation on security.

Here’s another good post about security for Home Assistant in general.
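The setup described above (host networking, no privileged mode, the USB stick passed through with a device mapping) as a Compose file. This is an added example, not from the post or the Home Assistant project; the image tag, the `./config` directory and the placeholder device path are assumptions.

```yaml
# Added example: Home Assistant container without privileged mode.
# Assumptions: the official image ghcr.io/home-assistant/home-assistant:stable,
# a local ./config directory, and a Zigbee stick at the placeholder path
# /dev/serial/by-id/PLACEHOLDER-ZIGBEE-STICK (use the by-id path so the mapping
# survives the stick being re-enumerated as a different ttyUSB/ttyACM number).
services:
  homeassistant:
    image: ghcr.io/home-assistant/home-assistant:stable
    container_name: homeassistant
    restart: unless-stopped
    network_mode: host            # keeps mDNS/SSDP device discovery working
    # privileged: true            # the setting to avoid: it hands the container
    #                             # every device node and all capabilities
    devices:
      # only this one device node is visible inside the container
      - /dev/serial/by-id/PLACEHOLDER-ZIGBEE-STICK:/dev/ttyUSB0
    volumes:
      - ./config:/config
      - /etc/localtime:/etc/localtime:ro
```

After `docker compose up -d`, `docker inspect --format '{{.HostConfig.Privileged}}' homeassistant` should print `false`, and ZHA can be pointed at `/dev/ttyUSB0` inside the container.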