The logic is based (as in copy/pasted) from what was done for libvirt
with libvirtd offering similar privileges to lxd as far as being able to
quickly become root on the system.
If this is considered to be an actual issue, then we need to look at all
packages in the archive which rely on the same logic to add existing
users of the admin & sudo groups into their own group for interaction
with a privileged daemon that can allow escalation to root.
Worth noting that the LXD snap while it does create the group, doesn't
add users to it (as finding a suitable base group that works on all
distros proved difficult).
The logic is based (as in copy/pasted) from what was done for libvirt
with libvirtd offering similar privileges to lxd as far as being able to
quickly become root on the system.
If this is considered to be an actual issue, then we need to look at all
packages in the archive which rely on the same logic to add existing
users of the admin & sudo groups into their own group for interaction
with a privileged daemon that can allow escalation to root.
Worth noting that the LXD snap while it does create the group, doesn't
add users to it (as finding a suitable base group that works on all
distros proved difficult).