diff --git a/qssb.h b/qssb.h
index 7547644..60776be 160000
--- a/qssb.h
+++ b/qssb.h
@@ -1 +1 @@
-Subproject commit 754764401368048dcdba39e153eb00f1f3c39898
+Subproject commit 60776be4160fe7e2178b3790cd43a76d412843b6
diff --git a/sources/main.cpp b/sources/main.cpp
index 9b1faef..12a7bdc 100644
--- a/sources/main.cpp
+++ b/sources/main.cpp
@@ -472,7 +472,7 @@ int main(int argc, char** argv)
     //break it? only allow "reasonable" paths? (which would that be?)
     struct qssb_path_policy root_policy;
     root_policy.mountpoint = "/";
-    root_policy.policy = QSSB_MOUNT_ALLOW_READ | QSSB_MOUNT_ALLOW_EXEC;
+    root_policy.policy = QSSB_MOUNT_ALLOW_READ | QSSB_MOUNT_ALLOW_EXEC | QSSB_MOUNT_ALLOW_WRITE;
     root_policy.next = &data_dir_policy;
 
     data_dir_policy.mountpoint = data_dir;
@@ -484,6 +484,8 @@ int main(int argc, char** argv)
     config_dir_policy.next = NULL;
 
     policy->path_policies = &root_policy;
+    char *cwd = get_current_dir_name();
+    policy->chdir_path = cwd;
 
     //a pdfreader has no business accessing the network
     policy->namespace_options |= QSSB_UNSHARE_NETWORK;
@@ -493,8 +495,7 @@ int main(int argc, char** argv)
         return 1;
     }
 
-
-
+    free(cwd);
     qRegisterMetaType< QList< QRectF > >("QList<QRectF>");
     qRegisterMetaType< Rotation >("Rotation");
     qRegisterMetaType< RenderParam >("RenderParam");