Use case: I’m building a snap for webbrowser-app, which embeds oxide (https://launchpad.net/oxide). When snapcraft creates the package, I’m seeing this: Removing suid/guid from /build/webbrowser-app/snap/parts/webbrowser-app/install/usr/lib/x86_64-linux-gnu/oxide-qt/chrome-sandbox This effectively prevents oxide from functioning correctly: [0705/173002:FATAL:setuid_sandbox_host.cc(162)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /snap/webbrowser-app/x1/usr/lib/x86_64-linux-gnu/oxide-qt/chrome-sandbox is owned by root and has mode 4755. While the issue will need to be addressed properly, I think that when building the snap in devmode, snapcraft shouldn’t remove the suid/guid from the binary, as it would be useful for testing the resulting package unconfined.