diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..eba57cb
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "qssb.h"]
+ path = qssb.h
+ url = https://git.quitesimple.org/qssb.h
diff --git a/qssb.h b/qssb.h
new file mode 160000
index 0000000..7547644
--- /dev/null
+++ b/qssb.h
@@ -0,0 +1 @@
+Subproject commit 754764401368048dcdba39e153eb00f1f3c39898
diff --git a/sources/main.cpp b/sources/main.cpp
index 251b1c5..9b1faef 100644
--- a/sources/main.cpp
+++ b/sources/main.cpp
@@ -1,5 +1,6 @@
 /*
+Copyright 2019 Albert S.
 Copyright 2018 Marshall Banana
 Copyright 2012-2013, 2018 Adam Reichold
 Copyright 2014 Dorian Scholz
@@ -33,7 +34,7 @@ along with qpdfview. If not, see .
 #include
 #include
 #include
-
+#include
 #ifdef WITH_DBUS
 #include
@@ -76,6 +77,7 @@ const char* __attribute__((used)) stack_cookie = "\0$STACK:500000\0";
 #endif // __amigaos4__
+#include "../qssb.h/qssb.h"
 namespace {
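Review bot: The new `#include "../qssb.h/qssb.h"` placed after `#endif // __amigaos4__` is unconditional, yet this translation unit carries AmigaOS and `WITH_DBUS` conditionals, and qssb appears to rely on Linux-only facilities (the main() hunk of this commit sets `QSSB_UNSHARE_NETWORK`), so presumably non-Linux builds of this file will no longer compile. Guard the include behind a build-system switch that is only defined on Linux (constructed name: `WITH_QSSB`), or at minimum `#ifdef __linux__`, so that the unguarded path keeps today's behaviour; the same guard is needed around the sandbox block in the main() hunk below. Since the submodule is pinned to a single commit, a one-line comment next to the include stating which qssb revision the policy struct layout was written against would make future submodule bumps deliberate rather than accidental.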
@@ -455,6 +457,44 @@ void prepareSignalHandler()
 int main(int argc, char** argv)
 {
+ struct qssb_policy *policy = qssb_init_policy();
+ if(policy == NULL)
+ {
+ return 1;
+ }
+
+ const char *data_dir = strdup(QStandardPaths::writableLocation(QStandardPaths::DataLocation).toStdString().c_str());
+ const char *config_dir = strdup(QStandardPaths::writableLocation(QStandardPaths::ConfigLocation).toStdString().c_str());
+
+ struct qssb_path_policy config_dir_policy;
+ struct qssb_path_policy data_dir_policy;
+ //TODO: overkill, but what to do about the "file open" dialog?
+ //break it? only allow "reasonable" paths? (which would that be?)
+ struct qssb_path_policy root_policy;
+ root_policy.mountpoint = "/";
+ root_policy.policy = QSSB_MOUNT_ALLOW_READ | QSSB_MOUNT_ALLOW_EXEC;
+ root_policy.next = &data_dir_policy;
+
+ data_dir_policy.mountpoint = data_dir;
+ data_dir_policy.policy = QSSB_MOUNT_ALLOW_WRITE;
+ data_dir_policy.next = &config_dir_policy;
+
+ config_dir_policy.mountpoint = config_dir;
+ config_dir_policy.policy = QSSB_MOUNT_ALLOW_WRITE;
+ config_dir_policy.next = NULL;
+
+ policy->path_policies = &root_policy;
+
+ //a pdfreader has no business accessing the network
+ policy->namespace_options |= QSSB_UNSHARE_NETWORK;
+ if(qssb_enable_policy(policy) != 0)
+ {
+ qCritical() << QObject::tr("Could not initialize sandbox.");
+ return 1;
+ }
+
+
+
 qRegisterMetaType< QList< QRectF > >("QList");
 qRegisterMetaType< Rotation >("Rotation");
 qRegisterMetaType< RenderParam >("RenderParam");
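Review bot: The `qssb_init_policy()` failure branch at the top of main() returns 1 without any diagnostic, while the `qssb_enable_policy()` failure further down logs through qCritical(); give both the same message, `qCritical() << QObject::tr("Could not initialize sandbox.");` before the `return 1;`, and check the two `strdup()` results for NULL before they are stored as `mountpoint` values, since a NULL there is handed straight to the sandbox library. The directories are resolved before a `QApplication` exists, and `QStandardPaths::writableLocation()` for DataLocation/ConfigLocation depends on the organization and application names, which this hunk does not set, so the writable paths granted here may not be the ones the running application later uses — worth confirming against where those names are set (DataLocation is also documented in Qt 5 as a deprecated alias of AppDataLocation). Unsharing the network namespace presumably also hides abstract-namespace Unix sockets, which the D-Bus session bus and X11 commonly use on Linux, so a `WITH_DBUS` build should be exercised end-to-end with the sandbox enabled before this lands. main()'s body continues past the end of this hunk.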