The snap is not intended for wide use by many snaps: it is intended to be used as the boot base snap for an Ubuntu Core variant, together with a couple of related snaps where it is important that they be in sync with the root file system.
Hmm actually on further inspection I notice that compared to the core22 base snap, core22-desktop has a couple more sensitive binaries - in particular /usr/bin/fusermount3 and /usr/bin/pkexec - which are both setuid root. Can you confirm that these are intentionally part of core22-desktop and are required? Thanks.
Ok, I will add overrides to review-tools for fusermount3 and /usr/libexec/polkit-agent-helper-1 for now but will not add pkexec at this time. If this is deemed necessary in the future we can always add it.