diff --git a/nix/module.nix b/nix/module.nix
index 7c39455d8b76224e234616434f83a1d2a5bb1f49..aed867c7806f164d1524db64f02382d7678de6b0 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -140,33 +140,6 @@               Group = instanceCfg.group;
               Restart = "always";
               RestartSec = "15";
               WorkingDirectory = instanceCfg.homeDir;
-              ReadWritePaths = [ instanceCfg.homeDir ];
-              CapabilityBoundingSet = "";
-              NoNewPrivileges = true;
-              ProtectSystem = "strict";
-              ProtectHome = true;
-              PrivateTmp = true;
-              PrivateDevices = true;
-              PrivateUsers = true;
-              ProtectHostname = true;
-              ProtectClock = true;
-              ProtectKernelTunables = true;
-              ProtectKernelModules = true;
-              ProtectKernelLogs = true;
-              ProtectControlGroups = true;
-              RestrictAddressFamilies = [
-                "AF_UNIX"
-                "AF_INET"
-                "AF_INET6"
-              ];
-              RestrictNamespaces = true;
-              LockPersonality = true;
-              MemoryDenyWriteExecute = true;
-              RestrictRealtime = true;
-              RestrictSUIDSGID = true;
-              RemoveIPC = true;
-              PrivateMounts = true;
-              SystemCallArchitectures = "native";
               ExecStart =
                 let
                   configFile = pkgs.writeText "ugit-${name}.yaml" (