diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 35bd62df83a2fb1c9c47915dbd99465530a7a06f..5713d5b110f54f0da7916589e9755d79a5eeeedf 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,7 +16,7 @@ linting:bandit:
   script:  # TODO: remove B405 and B314
     - bandit ./mat2 --format txt --skip B101
     - bandit -r ./nautilus/ --format txt --skip B101
-    - bandit -r ./libmat2 --format txt --skip B101,B404,B603,B405,B314
+    - bandit -r ./libmat2 --format txt --skip B101,B404,B603,B405,B314,B108
 
 linting:codespell:
   image: $CONTAINER_REGISTRY:linting
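Review bot: Adding B108 to the `--skip` list on the libmat2 line turns off bandit's hardcoded-tmp-directory check for the whole package, while the only finding this commit introduces is the `'--tmpfs', '/tmp'` literal in libmat2/subprocess.py. That one line can be silenced in place with a trailing `# nosec B108` so the check keeps running over the rest of libmat2, and the skip list (already carrying a TODO to shrink it) does not grow again. If the global skip is kept anyway, the TODO on the `script:` line should mention B108 alongside B405 and B314 so it is not forgotten.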
diff --git a/libmat2/subprocess.py b/libmat2/subprocess.py
index f1142be52f862593d0edaa6cae39bc4dd31e93c6..fb6fc9dd4b57ed6a4a6e281893fb653020836b90 100644
--- a/libmat2/subprocess.py
+++ b/libmat2/subprocess.py
@@ -51,6 +51,7 @@ def _get_bwrap_args(tempdir: str,
         ['--dev', '/dev',
          '--proc', '/proc',
          '--chdir', cwd,
+         '--tmpfs', '/tmp',
          '--unshare-user-try',
          '--unshare-ipc',
          '--unshare-pid',
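Review bot: bubblewrap applies mount options in argument order, and a `--tmpfs /tmp` placed here shadows anything mounted below /tmp earlier in the list; if the bind for `tempdir` precedes this entry and `tempdir` lives under /tmp (the default location for tempfile.mkdtemp()), the sandboxed process will see an empty directory instead of the input file. Please confirm the `tempdir` bind comes after this line, or move the tmpfs entry ahead of it. The intent also deserves a why-comment next to the new entry, e.g. `# fresh private /tmp so the sandboxed tool cannot read or write the host's /tmp`. _get_bwrap_args starts and ends outside this hunk.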
@@ -58,6 +59,7 @@ def _get_bwrap_args(tempdir: str,
          '--unshare-uts',
          '--unshare-cgroup-try',
          '--new-session',
+         '--cap-drop', 'all',
          # XXX: enable --die-with-parent once all supported platforms have
          # a bubblewrap recent enough to support it.
          # '--die-with-parent',
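Review bot: The new `--cap-drop all` is, to my recollection, a newer bubblewrap option than the `--die-with-parent` that the comment directly below holds back for platforms with an older bwrap; if those platforms are still supported, bwrap will refuse the unknown option and every sandboxed conversion fails rather than degrading. Please confirm the minimum bubblewrap version on those platforms accepts `--cap-drop`, or guard it the same way. A short comment stating why all capabilities are dropped, e.g. `# no capabilities are needed inside the sandbox; drop them all`, would also help the next reader. The enclosing _get_bwrap_args starts and ends outside this hunk.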