Container's root most certainly does map to host root unless you've enabled user namespaces (which is painful).

However, root in a container does have many privileges dropped and seccomp policies applied (assuming you haven't turned seccomp off via k8s).