Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should Developers Have Access To Production?

Posted by CmdrTaco on from the can-of-worms dept.

WHiTe VaMPiRe writes "Kyle Brandt recently wrote an editorial exploring the implications of providing developers access to the production servers of a Web site. He explores the risk introduced by providing higher level access as well as potential compromise solutions."

8 of 402 comments (clear)

  1. For me by enderjsv · · Score: 5, Insightful

    Whenever an error occurs that I can't replicate in a dev environment, I'm always SO tempted to hop into prod and start adding in some output statements.

    Yeah, it's probably a good thing I don't have access to prod.

    1. Re:For me by stillpixel · · Score: 5, Funny

      User: There is an error on page X
      I tweak that page code on the production server after looking at the error log. Me back to User: An error really? Have you tried pressing F5?
      User: Oh.. hmmm I guess I must have done something wrong. Sorry for bugging you!
      Me: Hey, no problem.

  2. Short answer by Issarlk · · Score: 5, Insightful

    LOL! No.

  3. Everyone agrees... by SatanicPuppy · · Score: 5, Insightful

    Everyone agrees that developers should never have access to production...Unless they're the developer, in which case it's different.

    Its a good practice to keep them separated, but in the end its just a pissing contest. The server admins don't want some filthy dev messing with their stuff, and I can appreciate that.

    However, admins often lack appreciation of some dev-specific issues, and their ignorance can lead to problems down the line.

    In the end, its the best practice to have everyone work together sensibly, than throw down inflexible rules that cause more trouble than they prevent.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  4. Re:What a silly question. by jameson71 · · Score: 5, Insightful

    On the other hand, I wouldn't want the surgeon to have to give instructions to a trained monkey on how to do the the surgery because the surgeon does not have access to the production patient.

  5. Re:What a silly question. by dkleinsc · · Score: 5, Insightful

    So why would we want developers to work with the expectation that they get to intervene at the last instant to resolve their failures?

    Because if there's a problem, there will be an expectation that they need to intervene to resolve their failures.

    To play Devil's Advocate here, there are some semi-legit reasons why developers might get production access:

    • If there's a serious production failure, developers are often called upon to assist the admins, because while they aren't admin experts they generally have some administration skills.
    • If there's a bug that makes it to production, the time it would take to fix the bug using proper procedures may cost more than doing a quick-and-dirty fix now and cleaning up using proper procedures later.
    • Diagnosing production-only bugs, which frequently require read-only access. For instance, developers may need read-only access to determine that their software didn't deploy correctly.
    • Helping admins properly configure their software.

    Now, none of this should be done willy-nilly. The basic rule at my workplace is that a developer can do nothing that could potentially alter behavior without managerial approval and admin approval where appropriate. At the same time, the primary enforcement of that rule is trusting our devs, so very little of that is actually enforced technologically.

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  6. Re:What a silly question. by John+Hasler · · Score: 5, Funny

    > There's a difference?

    Sure. The monkey is trained.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  7. Re:What a silly question. by vegiVamp · · Score: 5, Funny

    As a systems admin, I can assure you that there is definitely a difference.

    Trained monkeys get free bananas and are allowed to fondle their bits in public, to name but two.

    --
    What a depressingly stupid machine.