diff --git a/krebs/5pkgs/Reaktor/plugins.nix b/krebs/5pkgs/Reaktor/plugins.nix
index 242373ced..a483db32c 100644
--- a/krebs/5pkgs/Reaktor/plugins.nix
+++ b/krebs/5pkgs/Reaktor/plugins.nix
@@ -59,7 +59,7 @@ rec {
   };
 
   sed-plugin = buildSimpleReaktorPlugin "sed-plugin" {
-    path = [ pkgs.gnused pkgs.proot pkgs.python3 ];
+    path = [ pkgs.gnused pkgs.python3 ];
     # only support s///gi the plugin needs to see every msg
     # TODO: this will eat up the last regex, fix Reaktor to support fallthru
     append_rule = true;
diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
index 6039aeb43..8103c9585 100644
--- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
+++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
@@ -34,22 +34,9 @@ if m:
         flagstr = ''
     last = d.get(usr,None)
     if last:
+        #print(re.sub(fn,tn,last,count=count,flags=flags))
         from subprocess import Popen,PIPE
-        import shutil
-        from os.path import realpath
-        # sed only needs stdin/stdout, we protect state_dir with this
-        # input to read/write arbitrary files:
-        #   s/.\/\/; w /tmp/i       (props to waldi)
-        # conclusion: sed is untrusted and we handle it like this
-        p = Popen(['proot',
-            # '-v','1',
-            '-w','/', # cwd is root
-            '-b','/nix/store', # mount important folders
-            '-b','/usr',
-            '-b','/bin',
-            '-r','/var/empty', # chroot to /var/empty
-            realpath(shutil.which('sed')),
-            's/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
+        p = Popen(['sed','s/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
         so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
         if p.returncode:
             print("something went wrong when trying to process your regex: {}".format(se.decode()))