diff --git a/containerd/containerd.go b/containerd/containerd.go
index 776ef30..051bb4e 100644
--- a/containerd/containerd.go
+++ b/containerd/containerd.go
@@ -38,6 +38,10 @@ func (d *Driver) createContainer(image containerd.Image, containerName, containe
 
 	opts = append(opts, oci.WithImageConfigArgs(image, args))
 
+	if config.Privileged {
+		opts = append(opts, oci.WithPrivileged)
+	}
+
 	if len(config.CapAdd) > 0 {
 		opts = append(opts, oci.WithAddedCapabilities(config.CapAdd))
 	}
diff --git a/containerd/driver.go b/containerd/driver.go
index e7094fe..101334e 100644
--- a/containerd/driver.go
+++ b/containerd/driver.go
@@ -69,11 +69,12 @@ var (
 	// this is used to validate the configuration specified for the plugin
 	// when a job is submitted.
 	taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{
-		"image":    hclspec.NewAttr("image", "string", true),
-		"command":  hclspec.NewAttr("command", "string", false),
-		"args":     hclspec.NewAttr("args", "list(string)", false),
-		"cap_add":  hclspec.NewAttr("cap_add", "list(string)", false),
-		"cap_drop": hclspec.NewAttr("cap_drop", "list(string)", false),
+		"image":      hclspec.NewAttr("image", "string", true),
+		"command":    hclspec.NewAttr("command", "string", false),
+		"args":       hclspec.NewAttr("args", "list(string)", false),
+		"cap_add":    hclspec.NewAttr("cap_add", "list(string)", false),
+		"cap_drop":   hclspec.NewAttr("cap_drop", "list(string)", false),
+		"privileged": hclspec.NewAttr("privileged", "bool", false),
 	})
 
 	// capabilities indicates what optional features this driver supports
@@ -96,11 +97,12 @@ type Config struct {
 // TaskConfig contains configuration information for a task that runs with
 // this plugin
 type TaskConfig struct {
-	Image   string   `codec:"image"`
-	Command string   `codec:"command"`
-	Args    []string `codec:"args"`
-	CapAdd  []string `codec:"cap_add"`
-	CapDrop []string `codec:"cap_drop"`
+	Image      string   `codec:"image"`
+	Command    string   `codec:"command"`
+	Args       []string `codec:"args"`
+	CapAdd     []string `codec:"cap_add"`
+	CapDrop    []string `codec:"cap_drop"`
+	Privileged bool     `codec:"privileged"`
 }
 
 // TaskState is the runtime state which is encoded in the handle returned to