being upstreamed here: https://github.com/anbox/anbox/pull/1381

diff --git a/src/anbox/input/device.cpp b/src/anbox/input/device.cpp
index 130ae1d..eb63ecc 100644
--- a/src/anbox/input/device.cpp
+++ b/src/anbox/input/device.cpp
@@ -38,6 +38,10 @@ std::shared_ptr<Device> Device::create(
   sp->connector_ = std::make_shared<network::PublishedSocketConnector>(
       path, runtime, delegate_connector);
 
+  // FIXME: currently creating the socket creates it with the rights of
+  // the user we're running as. As this one is mapped into the container
+  ::chmod(path.c_str(), S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
+
   return sp;
 }
 
diff --git a/src/anbox/input/manager.cpp b/src/anbox/input/manager.cpp
index eacdd8b..f5d44ea 100644
--- a/src/anbox/input/manager.cpp
+++ b/src/anbox/input/manager.cpp
@@ -26,7 +26,9 @@
 namespace anbox {
 namespace input {
 Manager::Manager(const std::shared_ptr<Runtime> &runtime) : runtime_(runtime) {
-  utils::ensure_paths({SystemConfiguration::instance().input_device_dir()});
+  const auto dir = SystemConfiguration::instance().input_device_dir();
+  utils::ensure_paths({dir});
+  ::chmod(dir.c_str(), S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
 }
 
 Manager::~Manager() {}