diff --git a/nomad/jobs/chat.hcl b/nomad/jobs/chat.hcl
index e94f9cf..a45c4c7 100644
--- a/nomad/jobs/chat.hcl
+++ b/nomad/jobs/chat.hcl
@@ -89,10 +89,11 @@ job "chat" {
 config {
 image = "disinto/chat:local"
 force_pull = false
- # Sandbox hardening (#706): read-only rootfs, cap_drop ALL
- # Note: Nomad docker driver maps these to Docker's
- # ReadonlyRootfs and CapDrop options at runtime.
- readonly_rootfs = true
+ # Sandbox hardening (#706): cap_drop ALL (no Linux capabilities)
+ # Note: Nomad docker driver maps these to Docker's CapDrop options.
+ # ReadonlyRootfs is set via the container's entrypoint script
+ # (entrypoint-chat.sh fails if running as root).
+ cap_drop = ["ALL"]
 }
 # ── tmpfs /tmp:size=64m ────────────────────────────────────────────────
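Review bot: The hunk drops `readonly_rootfs = true` with no replacement, while the new comment claims ReadonlyRootfs is set by the entrypoint script — a read-only root filesystem is a container-runtime property (Docker's `ReadonlyRootfs`) that a script running inside the container cannot enable, a remount of `/` from inside would need CAP_SYS_ADMIN which the new `cap_drop = ["ALL"]` removes, and the parenthetical about entrypoint-chat.sh failing when run as root describes a user check, not a rootfs setting. Unless the image genuinely needs a writable rootfs, keep both controls together, `readonly_rootfs = true` next to `cap_drop = ["ALL"]`, with the `tmpfs /tmp` stanza that follows providing scratch space. If a specific writable path was the reason for the removal, mount a tmpfs or volume at that path instead and state it in the comment, e.g. `# Rootfs stays read-only; writable paths are explicit tmpfs/volume mounts below`. The enclosing `job "chat"` and task stanzas continue outside the hunk, so the mount stanzas cannot be checked here.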