Because in Discourse those files are owned by root (or the parent directory is?).
Perhaps it’s set by default in Ubuntu. I don’t know what might be different in Ubuntu.
You could try setting /var/discourse/shared to world writable and see if it works? Or maybe you could see if it works without ``–privileged` now?
Ubuntu is what’s recommended and Debian is what is inside the container (and may now be what CDCK uses for their host OS?). Fedora has a bunch of stuff locked down that Ubuntu doesn’t. If you’d love to understand, you’re likely to be largely on your own, though I think I remember at least one person here with some frequency likes Fedora CentOS (which is closer to Fedora than Ubuntu is!). This might have clues:  MKJ's Opinionated Discourse Deployment Configuration