Hello Lari,
I fully agree with what you said, but unfortunately in my case the management server is located remotely. That means I have to manage the SG via its public IP. Initially I configured the LOM interfaces to be part of the same subnet as the management interfaces, but after I learnt they can't be reached via VPN I had to move them behind data interfaces.
I was interested, for cases like mine where the management server is located remotely, in what the purpose of dedicated management interfaces is, but as Anatoly mentioned I just can't move on with FTW without them.
So here is my case with an example: I have a magg0 interface on the MHO and SG, which is part of VLAN100 10.100.1.0/24.
SG1 - 10.100.1.1
MHO - 10.100.1.10 - GW: SG1
LOM1 - 10.100.1.11 - GW: SG1
LOM2 - 10.100.1.12 - GW: SG1
10.100.1.0/24 is part of the VPN encryption domain and I wanted MHO, LOM1 and LOM2 to be reachable via VPN, but since this is not possible I had to move them to a separate VLAN which is part of the data interfaces.