diff --git a/svc/pkg/mm/worker/src/workers/lobby_create/scripts/setup_oci_bundle.sh b/svc/pkg/mm/worker/src/workers/lobby_create/scripts/setup_oci_bundle.sh
index f83c3bd280..cec1843abb 100644
--- a/svc/pkg/mm/worker/src/workers/lobby_create/scripts/setup_oci_bundle.sh
+++ b/svc/pkg/mm/worker/src/workers/lobby_create/scripts/setup_oci_bundle.sh
@@ -61,6 +61,9 @@ EOF
 log "Templating config.json"
 OVERRIDE_CONFIG="$NOMAD_ALLOC_DIR/oci-bundle-config.overrides.json"
 mv "$OCI_BUNDLE_PATH/config.json" "$OVERRIDE_CONFIG"
+
+
+# Template new config
 jq "
 .process.args = $(jq '.process.args' $OVERRIDE_CONFIG) |
 .process.env = $(jq '.process.env' $OVERRIDE_CONFIG) + .process.env |
@@ -75,5 +78,15 @@ jq "
 }]
 " "$NOMAD_ALLOC_DIR/oci-bundle-config.base.json" > "$OCI_BUNDLE_PATH/config.json"
+# Validate config
+if [ "$(jq '.process.user.uid' "$OVERRIDE_CONFIG")" == "0" ]; then
+ log "Container is attempting to run as root user"
+ exit 1
+fi
+if [ "$(jq '.process.user.gid' "$OVERRIDE_CONFIG")" == "0" ]; then
+ log "Container is attempting to run as root group"
+ exit 1
+fi
+
 log "Finished setting up OCI bundle"
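Review bot: The new root check under `# Validate config` fails open: `jq '.process.user.uid'` prints `null` when `process.user` or `uid` is absent (and nothing if jq itself errors), and neither equals `"0"`, so an image config with no explicit user passes even though a runtime may treat a missing uid as 0. Make both tests fail closed, for example `if ! jq -e '.process.user.uid | type == "number" and . > 0' "$OVERRIDE_CONFIG" >/dev/null; then`, and the same for `.gid`. The check also runs after `$OCI_BUNDLE_PATH/config.json` has already been written, and it reads the override file rather than the templated result. The jq program is partly outside this hunk, so confirm that the override's `process.user` is what ends up in the final config, or validate the final file before it is left in the bundle. A 0 entry in `process.user.additionalGids` is not covered by either test.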