diff --git a/nix/nixosModules.nix b/nix/nixosModules.nix
index 641b98d1d..d3cb71a39 100644
--- a/nix/nixosModules.nix
+++ b/nix/nixosModules.nix
@@ -777,7 +777,10 @@ HERMES_NIX_ENV_EOF
             NoNewPrivileges = true;
             ProtectSystem = "strict";
             ProtectHome = false;
-            ReadWritePaths = [ cfg.stateDir ];
+            ReadWritePaths = [
+              cfg.stateDir
+              cfg.workingDirectory
+            ];
             PrivateTmp = true;
           };