diff --git a/setup/INFRA_VERSION b/setup/INFRA_VERSION
index f780e8d11..a4e3074ff 100644
--- a/setup/INFRA_VERSION
+++ b/setup/INFRA_VERSION
@@ -3,7 +3,7 @@
 # If you change the infra version, be sure to put a warning
 # in the change log
-INFRA_VERSION=9
+INFRA_VERSION=10
 # WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 # These constants are used in the installer script as well
diff --git a/setup/container.sh b/setup/container.sh
index dd6044e03..8b42aa492 100755
--- a/setup/container.sh
+++ b/setup/container.sh
@@ -26,6 +26,10 @@ cp "${container_files}/sudoers" /etc/sudoers.d/yellowtent
 rm -rf /etc/collectd
 ln -sfF "${DATA_DIR}/collectd" /etc/collectd
+########## apparmor docker profile
+cp "${container_files}/docker-cloudron-app.apparmor" /etc/apparmor.d/docker-cloudron-app
+systemctl restart apparmor
+
 ########## nginx
 # link nginx config to system config
 unlink /etc/nginx 2>/dev/null || rm -rf /etc/nginx
diff --git a/setup/container/docker-cloudron-app.apparmor b/setup/container/docker-cloudron-app.apparmor
new file mode 100644
index 000000000..583ab3add
--- /dev/null
+++ b/setup/container/docker-cloudron-app.apparmor
@@ -0,0 +1,32 @@
+#include
+
+
+profile docker-cloudron-app flags=(attach_disconnected,mediate_deleted) {
+
+ #include
+
+ ptrace peer=@{profile_name},
+
+ network,
+ capability,
+ file,
+ umount,
+
+ deny @{PROC}/sys/fs/** wklx,
+ deny @{PROC}/sysrq-trigger rwklx,
+ deny @{PROC}/mem rwklx,
+ deny @{PROC}/kmem rwklx,
+ deny @{PROC}/sys/kernel/[^s][^h][^m]* wklx,
+ deny @{PROC}/sys/kernel/*/** wklx,
+
+ deny mount,
+
+ deny /sys/[^f]*/** wklx,
+ deny /sys/f[^s]*/** wklx,
+ deny /sys/fs/[^c]*/** wklx,
+ deny /sys/fs/c[^g]*/** wklx,
+ deny /sys/fs/cg[^r]*/** wklx,
+ deny /sys/firmware/efi/efivars/** rwklx,
+ deny /sys/kernel/security/** rwklx,
+}
+
diff --git a/src/apptask.js b/src/apptask.js
index 94832245f..accc3ca10 100644
--- a/src/apptask.js
+++ b/src/apptask.js
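Review bot: The profile copied on the new `cp` line is never checked to have actually loaded — `systemctl restart apparmor` succeeds as long as the unit restarts, and whether a parse error in one profile fails the unit depends on the distro's init script, so a typo in the profile would only surface later when Docker refuses to start an app container. Load the single profile explicitly and let the parser's exit status fail the step, `apparmor_parser -r -W /etc/apparmor.d/docker-cloudron-app`, in place of the service restart; restarting the whole service also reloads every other profile on the host, including Docker's own, which this step does not need. Whether the script runs under `set -e` is outside the hunk, so if it does not, the parser call needs an explicit `|| exit 1`. A comment such as `# profile name inside the file must match the apparmor: SecurityOpt passed by apptask.js` would also help, since the two halves of this change live in different files.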
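Review bot: The new profile has no header comment saying what it intends, and every rule in it (`network,`, `capability,`, `file,`, `umount,`, the `ptrace peer=@{profile_name}` line and the `/proc` and `/sys` deny lists) matches Docker's stock docker-default template, so as written it neither tightens nor loosens the default confinement; a comment such as `# Starting point copied from docker-default; per-app restrictions are meant to be added here` would tell the next reader that. The `deny @{PROC}/sys/kernel/[^s][^h][^m]* wklx` rule deserves its own note: the negated classes carve out `shm*`, but they also leave any name with `s` first, `h` second or `m` third unmatched (for example `sysrq`, `threads-max`, `domainname`), so this rule alone does not close those paths and the profile relies on Docker mounting `/proc/sys` read-only. The two `#include` directives appear with no target in this rendering; if the committed file really lacks `<tunables/global>` and `<abstractions/base>`, `@{PROC}` is undefined and `apparmor_parser` will reject the profile, so that is worth confirming against the actual file.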
@@ -352,7 +352,8 @@ function startContainer(app, callback) {
 "Name": "always",
 "MaximumRetryCount": 0
 },
- CpuShares: 512 // relative to 1024 for system processes
+ CpuShares: 512, // relative to 1024 for system processes
+ SecurityOpt: config.CLOUDRON ? [ "apparmor:docker-cloudron-app" ] : null // profile available only on cloudron
 };
 var container = docker.getContainer(app.containerId);
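Review bot: The new `SecurityOpt` line sends an explicit `"SecurityOpt": null` in the host config when `config.CLOUDRON` is false, and it hard-codes the profile name that container.sh installs as `/etc/apparmor.d/docker-cloudron-app`, so a rename on either side fails only at runtime. Use `undefined` so the key is dropped from the JSON body altogether instead of relying on the daemon tolerating null, and name the profile once, e.g. `SecurityOpt: config.CLOUDRON ? [ "apparmor:" + APPARMOR_PROFILE ] : undefined`, with the constant defined near the other docker settings at the top of the file. The trailing comment should also state the failure mode: on an AppArmor-enabled host Docker will refuse to start a container whose named profile is not loaded, so a missing or mis-parsed profile on a cloudron surfaces here as a start error rather than as an unconfined container, while on other hosts the container presumably falls back to `docker-default`. `startContainer` begins before this hunk and its body continues after it.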