diff --git a/shm.c b/shm.c
index 123adaf3..d543e1f4 100644
--- a/shm.c
+++ b/shm.c
@@ -330,8 +330,13 @@ get_new_buffers(struct buffer_chain *chain, size_t count,
     struct buffer_pool *pool = NULL;
 
     /* Backing memory for SHM */
+#if defined(MFD_NOEXEC_SEAL)
+    #define FOOT_MFD_FLAGS (MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_NOEXEC_SEAL)
+#else
+    #define FOOT_MFD_FLAGS (MFD_CLOEXEC | MFD_ALLOW_SEALING)
+#endif
 #if defined(MEMFD_CREATE)
-    pool_fd = memfd_create("foot-wayland-shm-buffer-pool", MFD_CLOEXEC | MFD_ALLOW_SEALING);
+    pool_fd = memfd_create("foot-wayland-shm-buffer-pool", FOOT_MFD_FLAGS);
 #elif defined(__FreeBSD__)
     // memfd_create on FreeBSD 13 is SHM_ANON without sealing support
     pool_fd = shm_open(SHM_ANON, O_RDWR | O_CLOEXEC, 0600);