top | item 20168485

(no title)

I'm heading down this path right now. How do I obtain my certs while also allowing enough freedom for the dev teams to operate.

We have to deal with the fallout when they screw something up, there has to be a happy medium somewhere.

discuss

user5994461|6 years ago

What's the issue specifically?

Developers don't need admin rights for much of anything in this decade. No need to bother with that.

Common software has to be made available in self-service, so developers can install development tools like notepad++ or visual studio.

Deployment is usually the challenge because you have to store binaries somewhere, copy it to some random servers and finally execute it, each step causing numerous security headaches, so there has to be some approved tooling to handle that.

stefan_|6 years ago

You can't get past "docker run" without admin rights. No, the challenge is access to production data without auditing.

jrjarrett|6 years ago

Developers don't need admin rights for much of anything in this decade. No need to bother with that.

Please defend this position.

My experience, mostly with Linux-like tools, is that those tools are built with the assumption they are being used by someone who knows what they are doing, and that they have the appropriate level of control of the machine -- they are tools for professionals to build tools.

If you don't have rights to install or execute them, you're done. You can't make any forward progress.