What should be the permissions and ownership of Whonix image files? Does it even matter?
No. Host access is required to manipulate the files. If your hypervisor is compromised, even at user level, the entire system is lost.
there is really no point in user/root isolation, because all the user data (and VM management interface) is already accessible from dom0 user level, so there is nothing more to get from dom0 root account.
Not sure if there’s a misunderstanding, I was talking about ownership and permissions of Whonix qcow2 disk image files on the host. The link is about VM internals. So are even permissions irrelevant so long as it just works?