Due to some requirement I will need to deploy a Linux VM guest with NAT-networking and give the root access to VMplayer user. Could someone please tell me why you won't do that in a secured environment?

It's obvious that User with root access on Linux VM can install anything to harm the outside world like spreading virus/malware, network spraying ... I want to hear as much reasons as I can.

I also understand that host-only networking will prevent much of that.

Thanks,