In ApplicationServerService and HostControllerService, after the existing serverStarting and securityManagerEnabled logging, check if user.name is set to a value we'd regard as "root". If so log a WARN. Guard this with a system property check, defaults to true. The prop is intended as a safeguard / built-in workaround in case this does something unexpected; it's not meant as a general purpose configuration option. Hence this is an Enhancement and not Feature Request.

On Windows systems AIUI the 'value we'd regard as "root" is "Administrator". Otherwise it is "root".