diff --git a/main.c b/main.c
index 674e657..12097e8 100644
--- a/main.c
+++ b/main.c
@@ -9,6 +9,22 @@
 #include
 #include
+void drop_root(void) {
+ // Drop root privileges
+ if (seteuid(getuid()) == -1)
+ {
+ int err = errno;
+ printf("Failed to drop root privileges with seteuid (%d)\n", err);
+ exit(err);
+ }
+
+ if (setegid(getgid()) == -1)
+ {
+ int err = errno;
+ printf("Failed to drop root privileges with setegid (%d)\n", err);
+ exit(err);
+ }
+}
 char** argdup(int argc, const char** argv)
 {
@@ -46,6 +62,9 @@ int main(int argc, const char** argv)
 return err;
 }
+ // Drop root privileges, we only needed those for the unshare call and fork above.
+ drop_root();
+
 if (pid != 0)
 {
 // parent waits for child then exits
@@ -94,21 +113,6 @@ int main(int argc, const char** argv)
 // First child of init process. do exec here
 // use cli arguments for subprocess. skip 0 as it's our programs name.
- // Drop root privileges
- if (seteuid(getuid()) == -1)
- {
- int err = errno;
- printf("Failed to drop root privileges with seteuid (%d)\n", err);
- return err;
- }
-
- if (setegid(getgid()) == -1)
- {
- int err = errno;
- printf("Failed to drop root privileges with setegid (%d)\n", err);
- return err;
- }
-
 char** newargs = argdup(argc-1, &argv[1]);
 if (execvp(newargs[0], newargs) == -1)
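Review bot: `drop_root()` changes only the effective IDs, so if the binary runs setuid-root (which the `getuid()` target suggests, though the hunk does not show it) the saved set-user-ID stays 0 and a later `seteuid(0)` would succeed. That mattered less while the drop sat directly before `execvp`, which resets the saved ID; after this change the parent and the init process keep running with a reversible drop. A permanent drop sets the group first and then the user, using the calls that also overwrite the saved IDs when privileged: `if (setgid(getgid()) == -1)` followed by `if (setuid(getuid()) == -1)`. The failure messages would also be better sent to stderr with `fprintf(stderr, ...)`.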
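Review bot: The comment on the added call says root was needed for the unshare call and the fork, but fork() itself needs no privilege, so `drop_root();` could sit directly after the unshare call and before the fork. Both calls are above this hunk, so their exact order is inferred from the comment. Placed there, the drop runs once and the child never starts with an effective UID of root. If the call stays where it is, the comment would be more accurate as `// Drop root privileges; they were only needed for the unshare call above.`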