Thanks. I could make the volume writable after enabling shiftfs with LXD and using shift=true for adding disk devices:
lxc config device add $NAME $NAME-shared disk source=$PWD \
path=/root/$NAME shift=true
But I am still not sure it is secure after reading this thread on setuid:
I am not sure that getting into details of what setuid is and how it works is user friendly approach to security. Maybe there is no concern in this case? Is there a code I can run on guest/host to check if my mount is exploitable to this setuid attack?