diff --git a/pkg/mounter/geesefs.go b/pkg/mounter/geesefs.go
index 9be6b1c..7f8f025 100644
--- a/pkg/mounter/geesefs.go
+++ b/pkg/mounter/geesefs.go
@@ -93,6 +93,11 @@ func (geesefs *geesefsMounter) Mount(source, target, volumeID string) error {
 	if geesefs.region != "" {
 		args = append(args, "--region", geesefs.region)
 	}
+	args = append(
+		args,
+		"--setuid", "65534", // nobody. drop root privileges
+		"--setgid", "65534", // nogroup
+	)
 	useSystemd := true
 	for i := 0; i < len(geesefs.meta.MountOptions); i++ {
 		if geesefs.meta.MountOptions[i] == "--no-systemd" {