Discarded ideas
Dynamically created uid/gids on the device
‘Global namespace’ in Snappy and users and groups (obsolete) discusses how to use uid/gids in the global namespace by dynamically creating them during snap install, with store processes and snapd governing their use. While we do want to use the global namespace for uid/gids, dynamically creating them complicates use of the uid/gids in the squashfs since the uid/gid isn’t predictable.
User namespaces
‘User namespaces’ in Snappy and users and groups (obsolete) discusses the inherent problems and limitations with utilizing user namespaces for this feature so it doesn’t have to be repeated here.