Package: mariadb Version: 1:11.8.5-1 Severity: wishlist Running `systemd-analyze security mariadb.service` gives a score of 8.8.
Further hardening would be appreciated; for example, with `CapabilityBoundingSet`. This domain needs some research, and cross-referencing with that upstream potentially has already done on the development branch `main` and what is tracked at jira.mariadb.org. Debian could help upstream improve the systemd service and security features, and adopt them in 11.8.x until they are fully upstreamed and can be dropped in Debian. We should avoid adding features in Debian that upstream disagrees on, as we don't want to maintain divergent features forever.
