diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedSpawnRunner.java b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedSpawnRunner.java
index ab81372fda7b58..18cd8b1ff64325 100644
--- a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedSpawnRunner.java
+++ b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedSpawnRunner.java
@@ -187,6 +187,12 @@ private boolean useHermeticTmp() {
       return false;
     }
 
+    if (getSandboxOptions().useHermetic) {
+      // The hermetic sandbox is, well, already hermetic. Also, it creates an empty /tmp by default
+      // so nothing needs to be done to achieve a /tmp that is also hermetic.
+      return false;
+    }
+
     boolean tmpExplicitlyBindMounted =
         getSandboxOptions().sandboxAdditionalMounts.stream()
             .anyMatch(e -> e.getKey().equals("/tmp"));