Certain interfaces, especially in a classic context, would like to take advantage of being able to control how various bind mounts are set up for application processes.
Currently ubuntu-core-launcher establishes a number of fixed bind mounts to "hide" the real filesystem and to expose "only" the OS snap. The same mechanism could be generalized to let snapd create "mount profiles" (the word profile is the for symmetry with apparmor and seccomp profiles) that the launcher honors and applies to the process.
I'd like to propose that u-c-l reads and applies fstab-like profiles stored in /var/lib/snapd/mount/profiles. The same "security tag" (1st and 2nd argument to u-c-l) should dictate which profile to read. While the actual syntax should be compatible with fstab (for easy parsing, due to availability of ready parser in glibc) the launcher should limit features to bare minimum required to avoid abuse.
+1