diff --git a/templates/step-ca.service.j2 b/templates/step-ca.service.j2
index e7c1de4..928b79f 100644
--- a/templates/step-ca.service.j2
+++ b/templates/step-ca.service.j2
@@ -23,26 +23,5 @@ TimeoutStopSec=30
 StartLimitInterval=30
 StartLimitBurst=3
 
-; Process capabilities & privileges
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-SecureBits=keep-caps
-NoNewPrivileges=yes
-
-; Sandboxing
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
-PrivateTmp=true
-PrivateDevices=true
-ProtectControlGroups=true
-ProtectKernelTunables=true
-ProtectKernelModules=true
-LockPersonality=true
-RemoveIPC=true
-RestrictRealtime=true
-SystemCallFilter=@system-service
-SystemCallArchitectures=native
-MemoryDenyWriteExecute=true
-ReadWriteDirectories=/etc/step-ca/.step/db
-
 [Install]
 WantedBy=multi-user.target
\ No newline at end of file