Hacker News new | ask | show | jobs
by sdeziel 3011 days ago
3. Don't let your DB engine execute random executable like wget/dd (Apparmor/SELinux)

4. Don't let your DB host make outbound connections (iptables/ip6tables)
1 comments
emmelaich 3011 days ago
> Don't let your DB host make outbound connections

Which can also be prevented with SELinux

link