“Root” is no longer a clear indication of… anything, really, in terms of Linux power levels.
Capabilities are. And capabilities are quite a bit more complex.
Sometimes additional kernel parameters will also be relevant, but it’s relatively rare that these are impactful.
Sometimes certain virtualization systems take things so far out that they’re a completely different ballgame (e.g. gVisor has a totally different “kernel”, so nesting in there is… wild).
In terms of capabilities, the main one to take note of is CAP_SYS_ADMIN. This is the closest analog to historical “root” – it’s the capability that permits all other things, including getting more capabilities.
reading all files
creating all files except devices
creating all files including devices
assembling the tree
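To make the point about uid 0 versus capabilities concrete, here is an added example (not from the original page) that decodes the `CapEff` mask from `/proc/<pid>/status` and reports whether CAP_SYS_ADMIN is actually held. The three status snippets are constructed samples, and the function names are hypothetical.

```python
# Capability names by bit number (0..40), in the order of linux/capability.h.
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID
SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW IPC_LOCK
IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT SYS_ADMIN SYS_BOOT
SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE AUDIT_WRITE AUDIT_CONTROL
SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM BLOCK_SUSPEND AUDIT_READ PERFMON
BPF CHECKPOINT_RESTORE""".split()

# Constructed samples of the relevant /proc/<pid>/status lines.
CONTAINER_ROOT = "Name:\tsh\nUid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\n"
NONROOT_ADMIN = "Name:\thelper\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000200000\n"
FULL_ROOT = "Name:\tbash\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n"


def parse_status(text):
    """Return (effective uid, set of effective capability names)."""
    fields = dict(l.split(":", 1) for l in text.strip().splitlines() if ":" in l)
    euid = int(fields["Uid"].split()[1])       # order: real, effective, saved, fs
    mask = int(fields["CapEff"].strip(), 16)   # hex bitmask, bit N = capability N
    caps, bit = set(), 0
    while mask >> bit:
        if (mask >> bit) & 1:
            # Bits newer than this table are reported by number, not dropped.
            caps.add("CAP_" + CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
        bit += 1
    return euid, caps


def assess(text):
    """Summarise the two signals separately: the uid and the capability set."""
    euid, caps = parse_status(text)
    return {"euid_is_root": euid == 0,
            "has_sys_admin": "CAP_SYS_ADMIN" in caps,
            "cap_count": len(caps)}


if __name__ == "__main__":
    for label, sample in [("container root", CONTAINER_ROOT),
                          ("non-root with CAP_SYS_ADMIN", NONROOT_ADMIN),
                          ("full root", FULL_ROOT)]:
        print(label, assess(sample))
    try:
        with open("/proc/self/status") as fh:  # present on Linux only
            print("this process", assess(fh.read()))
    except OSError:
        pass
```

The first sample is uid 0 without CAP_SYS_ADMIN and the second is uid 1000 with it, which is why a check on the uid alone says little about what a process can do.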