diff --git a/net-proxy/youtubeUnblock/youtubeUnblock-1.0.0_rc5.ebuild b/net-proxy/youtubeUnblock/youtubeUnblock-1.0.0_rc5.ebuild
index a43f82b..ab09426 100644
--- a/net-proxy/youtubeUnblock/youtubeUnblock-1.0.0_rc5.ebuild
+++ b/net-proxy/youtubeUnblock/youtubeUnblock-1.0.0_rc5.ebuild
@@ -6,7 +6,7 @@ EAPI=8
 MY_P=${P/_/-}
 MODULES_OPTIONAL_IUSE="+modules"
 
-inherit linux-mod-r1
+inherit linux-mod-r1 fcaps
 
 DESCRIPTION="Bypasses Deep Packet Inspection (DPI) systems that rely on SNI"
 HOMEPAGE="https://github.com/Waujito/youtubeUnblock"
@@ -30,6 +30,14 @@ src_prepare() {
         default
 
         sed -i "s@^KERNEL_BUILDER_MAKEDIR:=.*@KERNEL_BUILDER_MAKEDIR:=/lib/modules/${KV_FULL}/build@" kmake.mk || die "Fail to set desired kernel version in the Makefile"
+        sed -i -e "/\[Service\]/a DynamicUser=true" \
+        -e "/\[Service\]/a AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN" \
+        -e "/\[Service\]/a CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW" \
+        -e "/\[Service\]/a RestrictNamespaces=yes" \
+        -e "/\[Service\]/a ProtectSystem=full" \
+        -e "/\[Service\]/a ProtectHome=true" \
+        -e "/\[Service\]/a PrivateTmp=true" \
+        youtubeUnblock.service
 }
 
 src_compile() {
@@ -54,6 +62,10 @@ src_install() {
 }
 
 pkg_postinst() {
+		if use uspace; then
+			fcaps cap_net_raw,cap_net_admin "${EROOT}"/usr/bin/"${PN}"
+		fi
+		
         if use module-src && ! use modules; then
                 einfo
                 einfo "You have enabled the module-src USE flag without the modules USE"