Comment by pjmlp

2 days ago

This is standard practice for years in big corporations.

You install software via ticket requests to IT, and devs might have admin rights, but not root, and only temporary.

This is nothing new though, back in the timesharing days, where we would connect to the development server, we only got as much rights as required for the ongoing development workflows.

Hence why PCs felt so liberating.

5 comments

pjmlp

Reply
betaby  2 days ago

It's a standard practice. And at $CURENT_JOB it's driven by semi-literate security folks, definitely not insurance.

  • pjmlp  2 days ago

    Insurance and liability concerns drive the security folks.

    Just wait when more countries keep adopting cybersecurity laws for companies liabilities when software doesn't behave, like in any other engineering industry.

    • stefan_  2 days ago

      Hello, the security folks in those companies made those up. "cyber insurance" is hogwash. That entire branch has been taken over by useless middle manager types who know to type up checklists in Word but have no understanding of anything.

      2 replies →