The snap_browsers abstraction requires more permissions due to updates on snaps.
Some of the permissions are not required in older versions of Ubuntu that use 2.12 and 2.13, but are introduced for unification and ease of maintenance purposes. These include:
all dbus permissions,
@{PROC}/sys/kernel/random/uuid r,
owner @{PROC}/@{pid}/cgroup r,
/var/lib/snapd/sequence/{chromium,firefox,opera}.json r,I also propose a cherry-pick of this commit to 2.12, 2.13 and 3.0