Hello!

I'm considering running some software inside a VM created using `guix
system vm`. The easiest thing to do would be to run the virtualized
software as root. Normally I wouldn't think twice about that, but iiuc
the guest will have the host's /store mounted. Am I right that this
should make me nervous about running untrusted things as root in the VM?
Or is there some trick by which a root process in the VM is prevented
from destructively changing /store?

Thanks!