diff --git a/qm.container b/qm.container
index bb1ca1df..2129b6b5 100644
--- a/qm.container
+++ b/qm.container
@@ -80,11 +80,20 @@ Network=private
 # Makes the container's filesystem read-only, enhancing security by preventing modifications.
 ReadOnly=true
+# TmpFS flags
+ReadOnlyTmpfs=false
+Mount=type=tmpfs,tmpfs-size=512M,destination=/tmp
+Mount=type=tmpfs,tmpfs-size=512M,destination=/run
+Mount=type=tmpfs,destination=/dev/shm
+
 # Rootfs
 # ------
 # Defines the root filesystem location for QM partition.
 # By default the '${ROOTFS}' variable points to /usr/lib/qm/rootfs.
 # For details see: https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html#rootfs
+#
+# TmpFS flags
+# -----------------
 Rootfs=${ROOTFS}
 SecurityLabelNested=true
@@ -94,3 +103,4 @@ SecurityLabelType=qm_t
 Timezone=local
 Volume=${RWETCFS}:/etc
 Volume=${RWVARFS}:/var
+
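Review bot: The `/dev/shm` mount in the first hunk is the only one of the three new tmpfs mounts without a `tmpfs-size`, so its size is left to the default (for kernel tmpfs that is normally half of RAM; worth confirming what Podman applies here) rather than a cap chosen for the QM partition. Since `ReadOnlyTmpfs=false` switches off the tmpfs mounts Podman would otherwise add under `ReadOnly=true`, these three `Mount=` lines are what bounds memory-backed writable storage in the container; I would give `/dev/shm` an explicit limit like its siblings, e.g. `Mount=type=tmpfs,tmpfs-size=512M,destination=/dev/shm`, with the value sized for the workload. The second `# TmpFS flags` / `# -----------------` heading is added directly above `Rootfs=${ROOTFS}`, inside the Rootfs comment block, where it labels nothing. It appears to belong above `ReadOnlyTmpfs=false`, together with a comment such as `# Disable Podman's automatic tmpfs mounts and declare /tmp, /run and /dev/shm explicitly with size limits.`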