Because classic confinement grants device ownership to the snap and the snap is in the public snap store, we limit the use of classic. We have processes for this that are described in Process for reviewing classic confinement snaps. In essence, we want to move to a world where classic confinement doesn’t exist, so part of the process for granting the use of classic is understanding the precise use case. Sometimes, that results in immediate changes to snapd that means the snap can stay strict. Sometimes it means that snapd can’t support the use case as a strict mode snap today. After the requirements are understood, we vet the publisher of the snap since after classic is granted, the publisher is free to arbitrarily change the snap, including adding daemons which can run as root.