diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 35bd62d..5713d5b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,7 +16,7 @@ linting:bandit:
 script: # TODO: remove B405 and B314
 - bandit ./mat2 --format txt --skip B101
 - bandit -r ./nautilus/ --format txt --skip B101
- - bandit -r ./libmat2 --format txt --skip B101,B404,B603,B405,B314
+ - bandit -r ./libmat2 --format txt --skip B101,B404,B603,B405,B314,B108

 linting:codespell:
 image: $CONTAINER_REGISTRY:linting
diff --git a/libmat2/subprocess.py b/libmat2/subprocess.py
index f1142be..fb6fc9d 100644
--- a/libmat2/subprocess.py
+++ b/libmat2/subprocess.py
@@ -51,6 +51,7 @@ def _get_bwrap_args(tempdir: str,
 ['--dev', '/dev',
 '--proc', '/proc',
 '--chdir', cwd,
+ '--tmpfs', '/tmp',
 '--unshare-user-try',
 '--unshare-ipc',
 '--unshare-pid',
@@ -58,6 +59,7 @@ def _get_bwrap_args(tempdir: str,
 '--unshare-uts',
 '--unshare-cgroup-try',
 '--new-session',
+ '--cap-drop', 'all',
 # XXX: enable --die-with-parent once all supported platforms have
 # a bubblewrap recent enough to support it.
 # '--die-with-parent',
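Review bot: Adding `B108` to the `--skip` list on the `./libmat2` line switches the hardcoded-temp-directory check off for the whole package, while the only literal this commit introduces appears to be the `'/tmp'` mount target in `libmat2/subprocess.py`. A line-scoped suppression would keep the check active for real temp-file handling elsewhere in libmat2: leave the skip list as it was and mark the one line, `'--tmpfs', '/tmp',  # nosec B108` (plain `# nosec` if the bandit in the linting image does not accept test ids). If the blanket skip stays, the `# TODO: remove B405 and B314` comment should also say why B108 is listed.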
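Review bot: The `'--tmpfs', '/tmp',` entry in the first `libmat2/subprocess.py` hunk has no comment, and its position matters because bubblewrap applies mount options in the order given: a bind mount of a path under /tmp that comes earlier in the list would be covered by this tmpfs. The binds built from `tempdir`, `cwd` and the input file are outside the hunk, so whether any of them can resolve under /tmp (for example when mat2 is run from a directory there) needs checking against the full function. I would add a comment above the entry such as `# private, empty /tmp for the sandboxed tool; bind mounts targeting paths under /tmp must come after this`. The body of `_get_bwrap_args` starts and ends outside the hunk.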
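Review bot: `'--cap-drop', 'all',` in the second `libmat2/subprocess.py` hunk is passed unconditionally, while the comment directly below it keeps `--die-with-parent` disabled because some supported platforms ship a bubblewrap too old for it; nothing in the hunk shows that `--cap-drop` is available on those same versions. If it is not, bwrap would presumably reject the option and every sandboxed call would fail on that platform, so the minimum bubblewrap version should be confirmed before this lands. A comment in the style of the existing one would record the result, e.g. `# drop all capabilities inside the sandbox; requires a bubblewrap that supports --cap-drop`. The argument list continues outside the hunk.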