diff --git a/flake.nix b/flake.nix
index 2ac5d64..3eaf93a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -103,6 +103,7 @@
 patches = [
 ./nixpkgs-patches/pr454957.patch
 ./nixpkgs-patches/pr454958.patch
+ ./nixpkgs-patches/pr455128.patch
 ];
 };
 nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {
diff --git a/nixpkgs-patches/pr455128.patch b/nixpkgs-patches/pr455128.patch
new file mode 100644
index 0000000..c44ebb6
--- /dev/null
+++ b/nixpkgs-patches/pr455128.patch
@@ -0,0 +1,22 @@
+From 2e9d838795edcec2b79dda0284acf27ee34b1ecc Mon Sep 17 00:00:00 2001
+From: h7x4
+Date: Fri, 24 Oct 2025 14:24:14 +0900
+Subject: [PATCH] nixos/rtkit: fix hardening
+
+---
+ nixos/modules/security/rtkit.nix | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/nixos/modules/security/rtkit.nix b/nixos/modules/security/rtkit.nix
+index d7c6df17f03b9..f2cd256468da9 100644
+--- a/nixos/modules/security/rtkit.nix
++++ b/nixos/modules/security/rtkit.nix
+@@ -64,7 +64,7 @@ in
+ ];
+ 
+ # Needs to verify the user of the processes.
+- PrivateUsers = "full";
++ PrivateUsers = false;
+ # Needs to access other processes to modify their scheduling modes.
+ ProcSubset = "all";
+ ProtectProc = "default";
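Review bot: The `PrivateUsers = false;` line in the embedded rtkit.nix hunk removes user-namespace isolation from the rtkit unit altogether, and the comment kept above it ("Needs to verify the user of the processes") does not say why the weaker setting is required, so a later hardening pass is likely to flip it back to `"full"` and reintroduce the breakage this patch fixes. I would extend that comment to state the trade-off, e.g. `# rtkit authorizes requests by the real UID of the calling process; inside a private user namespace foreign UIDs are presumably remapped (overflow/nobody), so the check cannot work and PrivateUsers must stay off even though it widens the unit's exposure.` The remaining directives visible here (`ProcSubset = "all"`, `ProtectProc = "default"`) are the rest of the unit's sandbox that still applies, and it is worth confirming in the module (outside this hunk) that nothing else depended on the namespace being present. Separately, the flake.nix hunk pins an out-of-tree nixpkgs PR as a local patch with no note of its upstream status; a one-line comment next to the `./nixpkgs-patches/pr455128.patch` entry naming the upstream PR and when the patch can be dropped would keep the override from outliving the merge.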