diff --git a/roles/flame/tasks/main.yml b/roles/flame/tasks/main.yml
index 1d6db78..ed8dfac 100644
--- a/roles/flame/tasks/main.yml
+++ b/roles/flame/tasks/main.yml
@@ -24,7 +24,7 @@
     networks:
       - name: "{{ docker_network.name }}"
     volumes:
-      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
       - "{{ flame_config_dir.path }}:/app/data:rw"
     env:
       PASSWORD: "{{ flame_password }}"
diff --git a/roles/prometheus/tasks/exporter-cadvisor.yml b/roles/prometheus/tasks/exporter-cadvisor.yml
index 7a0d93c..0657ba8 100644
--- a/roles/prometheus/tasks/exporter-cadvisor.yml
+++ b/roles/prometheus/tasks/exporter-cadvisor.yml
@@ -10,7 +10,7 @@
     name: exporter_cadvisor
     image: "{{ prometheus_exporters.cadvisor.image }}"
     recreate: true
-    user: "{{ docker_user.uid }}:{{ docker_user.gid }}"
+    # user: "{{ docker_user.uid }}:{{ docker_user.gid }}"
     privileged: true
     restart_policy: unless-stopped
     published_ports:
@@ -20,7 +20,7 @@
     volumes:
       - /:/rootfs:ro
       - /sys:/sys:ro
-      - /var/run:/var/run:rw
+      - /var/run:/var/run:ro
       - /var/lib/docker/:/var/lib/docker:ro
       - /dev/disk/:/dev/disk:ro
     devices: