diff --git a/backive/core/backup.py b/backive/core/backup.py
index e267a76..b35f657 100644
--- a/backive/core/backup.py
+++ b/backive/core/backup.py
@@ -44,10 +44,15 @@ class Backup:
             stdout, stderr = await proc.communicate()
             logging.debug("stdout: %s", stdout)
             logging.debug("stderr: %s", stderr.decode())
+            user = self.config.get("user")
             proc = await asyncio.create_subprocess_shell(
+#                "set -x; chown -R {} ${{BACKIVE_MOUNT}}/${{BACKIVE_TO}};".format(user) +
+#                "sudo -E -u {} sh -c '".format(user) + 
                 self.config.get("script"),
+#                "'",
                 stdout=asyncio.subprocess.PIPE,
                 stderr=asyncio.subprocess.PIPE,
+                shell=True,
                 env=backup_env
             )
             stdout, stderr = await proc.communicate()
diff --git a/backive/core/device.py b/backive/core/device.py
index 4471e9e..0e98f84 100644
--- a/backive/core/device.py
+++ b/backive/core/device.py
@@ -31,16 +31,18 @@ class Device:
         # TODO: use mkdir as indicator for correct access rights (when backive
         # is run as user!)
         proc = await asyncio.create_subprocess_shell(
-            """mkdir -p {mountpoint}
-sudo mount -v -o users {dev_path} {mountpoint}""".format(
+            """set -x; mkdir -p {mountpoint}
+mount -v -o users,noexec {dev_path} {mountpoint}""".format(
                 mountpoint=self._mount_dir,
-                dev_path=dev_path
+                dev_path=dev_path,
             ),
+            shell=True,
             stdout=asyncio.subprocess.PIPE,
             stderr=asyncio.subprocess.PIPE,
         )
         stdout, stderr = await proc.communicate()
         logging.debug("stdout: %s", stdout)
+        logging.debug("stderr: %s", stderr)
         # TODO: Also add a touch operation in the target mount if the correct
         # access rights are given! (when backive is run as user)
         return True # on success, False on failure