diff --git a/modules/wrapper-manager/sandboxing/bubblewrap/default.nix b/modules/wrapper-manager/sandboxing/bubblewrap/default.nix
index 359316e3..d886d34d 100644
--- a/modules/wrapper-manager/sandboxing/bubblewrap/default.nix
+++ b/modules/wrapper-manager/sandboxing/bubblewrap/default.nix
@@ -87,7 +87,10 @@ in
                   config.env;
 
               arg0 = lib.getExe' submoduleCfg.package "bwrap";
-              prependArgs = lib.mkBefore (submoduleCfg.extraArgs ++ [ "--" submoduleCfg.wraparound.executable ] ++ submoduleCfg.wraparound.extraArgs);
+              prependArgs = lib.mkBefore
+                (submoduleCfg.extraArgs
+                  ++ [ "--" config.sandboxing.wraparound.executable ]
+                  ++ config.sandboxing.wraparound.extraArgs);
             }
 
             (lib.mkIf submoduleCfg.enableNetwork {
diff --git a/modules/wrapper-manager/sandboxing/default.nix b/modules/wrapper-manager/sandboxing/default.nix
index 8e47c2cc..72a5179f 100644
--- a/modules/wrapper-manager/sandboxing/default.nix
+++ b/modules/wrapper-manager/sandboxing/default.nix
@@ -7,7 +7,7 @@
 
   options.wrappers =
     let
-      sandboxingType = { name, lib, config, ... }: {
+      sandboxingType = { name, lib, config, options, ... }: {
         options.sandboxing = {
           variant = lib.mkOption {
             type = with lib.types; nullOr (enum []);
@@ -18,6 +18,11 @@
             default = null;
             example = "bubblewrap";
           };
+
+          wraparound = {
+            executable = options.arg0;
+            extraArgs = options.extraArgs;
+          };
         };
       };
     in