diff --git a/manifests/09_operator.yaml b/manifests/09_operator.yaml
index 26d4415a4..c22518b95 100644
--- a/manifests/09_operator.yaml
+++ b/manifests/09_operator.yaml
@@ -44,6 +44,7 @@ spec:
       containers:
         - name: marketplace-operator
           securityContext:
+            readOnlyRootFilesystem: true
             allowPrivilegeEscalation: false
             capabilities:
               drop: ["ALL"]
@@ -93,11 +94,15 @@ spec:
             - name: GOMEMLIMIT
               value: 5MiB
           volumeMounts:
+            - mountPath: /tmp
+              name: tmp
             - name: marketplace-trusted-ca
               mountPath: /etc/pki/ca-trust/extracted/pem/
             - name: marketplace-operator-metrics
               mountPath: /var/run/secrets/serving-cert
       volumes:
+        - emptyDir: {}
+          name: tmp
         - name: marketplace-trusted-ca
           configMap:
             optional: true