Hacker News new | past | comments | ask | show | jobs | submit login

Of course, some people need admin capabilities. But a senior developer? Nah.

Engineers whose specific job it is to admin infra, yes.

Logging is great, but it's a 'we are owned, how do we get them out' measure - we want to avoid getting to that point.

edit: Of course, this all depends on your threat model, posture, maturity, etc. I'm just saying - we have lots of very good reasons to lock devs out.




You're assuming that a small company has a separate person solely dedicated to infrastructure.

Yes I have an AWS certification and on paper I am qualified to be an "AWS Architect". But I would be twiddling my thumbs all day with not enough work to do and would die a thousands deaths if I didn't do hands on coding.


As I said in my edit, this is all subject to the details of a company's posture.


This sounds like Amin access on local machines, not admin access at all?


Actually, I realized we don't even give local admin. I forgot. Unfortunately, no editing.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: