diff --git a/runtime/init-container/src/init.c b/runtime/init-container/src/init.c
index 0a3b2c26..6ff047b1 100644
--- a/runtime/init-container/src/init.c
+++ b/runtime/init-container/src/init.c
@@ -2096,6 +2096,7 @@ int main(int argc, char **argv) {
     block_signals();
     if (do_sandbox) {
         write_sys("/proc/sys/net/ipv4/ip_unprivileged_port_start", 0);
+        write_sys("/proc/sys/user/max_user_namespaces", 1);
         get_namespace_fd();
     }
     setup_sigfd();