Suppose someone gets access to the box. They shouldn't be able to curlbash http://evilscript.sh into the system.

So you really want to lock all outgoing and all incoming except for very specific channels and protocols to controlled endpoints.