Junior Software Developer destroys production database

Johnatan56

Honorary Master
Joined
Aug 23, 2013
Messages
30,955
Accidentally destroyed production database on first day of a job, and was told to leave, on top of this i was told by the CTO that they need to get legal involved, how screwed am i?

Today was my first day on the job as a Junior Software Developer and was my first non-internship position after university. Unfortunately i screwed up badly.

I was basically given a document detailing how to setup my local development environment. Which involves run a small script to create my own personal DB instance from some test data. After running the command i was supposed to copy the database url/password/username outputted by the command and configure my dev environment to point to that database. Unfortunately instead of copying the values outputted by the tool, i instead for whatever reason used the values the document had.
...
https://np.reddit.com/r/cscareerque...ccidentally_destroyed_production_database_on/

Eli on it:
[video=youtube;vT6wQFhLpro]https://www.youtube.com/watch?v=vT6wQFhLpro[/video]

Thought it would be an interesting post.

What do you think would happen to him (the junior developer) in the South African context? Would the CTO blame the junior and it later backfire or the company get off Scot free? Would any companies you've worked at done similar or are there the proper checks in place that something like that would definitely never happen?
 

Messugga

Honorary Master
Joined
Sep 4, 2007
Messages
12,746
Only the company is to blame. Wtf is a junior software developer given the ability (credentials) to ruin a production environment?
 

Hamster

Resident Rodent
Joined
Aug 22, 2006
Messages
42,920
I think the CTO should be fired for allowing a junior developer root access to a production database.

Hoe can you blame a junior who by definition knows nothing.
 

Claymore

Executive Member
Joined
Jan 20, 2004
Messages
8,340
In our environment, Risk would have some very hard questions about the procedures and documentation, the access to prod, the credentials for prod being available, etc. The poor dude would not be at fault.
 

Zoopy

Banned
Joined
Jul 20, 2016
Messages
1,457
I remember reading this when it dropped.

I wish we could get a follow-up on what happened. If that CTO didn't get his ass kicked to the curb, the company is a total ****show.
 

Ancalagon

Honorary Master
Joined
Feb 23, 2010
Messages
18,140
25 days is long ago?

In the tech world, 25 days is equivalent to like 7 human years.

But seriously, that CTO should be fired for incompetence.

Technology management - doesn't implement proper security and access control, should be immediate grounds for termination for a CTO.

People management - fires somebody else rather than take responsibility for his own mistakes, thereby destroying the morale of the entire team. Also should be immediate ground for termination.
 

aybbleek

Expert Member
Joined
Sep 9, 2013
Messages
1,611
The document obviously included credentials that had root/admin privilege access to the db. To me that is negligence by the CTO
 

SBSP

Senior Member
Joined
Sep 7, 2007
Messages
663
They should have given him a raise for highlighting the risk :D sure sounds like the company has excellent access control.
 

Compton_effect

Honorary Master
Joined
Sep 7, 2006
Messages
12,292
Based on previous experience - he'd be ok. But who-ever drafted that document would have been fired.
That is bad luck. It happens to us all - myself, I ran a update script without highlighting the where clause.

Now one idiot I worked with - he thought it would be funny to put a April's Fool joke in a application. If the telemarketer clicked the save button - a dancing skeleton would pop up, with a deleting 'Data message' showing for a minute. Every time they clicked the button. The system was used by a call-center handling incoming calls. He was actually escorted off the premises.
 

Moosedrool

Honorary Master
Joined
May 24, 2012
Messages
11,441
This is why my job exist. :D As much as a pain in the ass I am, each and every access request goes through me for a reason. And not even techs or software dev's have frekin admin access on stuff, servers databases, the works without proper motivation. The company is at fault for giving the guy access to a mission critical system on his first day. I rarely give group access like that unless they can prove they absolutely need it for work (aka a production change is going through) and even then depending on the system it is very temporary like only during that change's window will be where you'd be able to touch it.
 

zippy

Honorary Master
Joined
May 31, 2005
Messages
10,321
I wonder if they changed the document to no longer contain values for their production environment :)
 
Top