You need a Linux machine in a separate network with separate firewall rules and the developer has to devote a bit of their time to managing that machine.
It can even be centrally managed, if you have the capacity.
But why would you want that? To secure your shit while allowing the devs to to what they like to their equipment.
As an example of scale, my company has an entire IT team of a handful of people for managing such an environment for a thousand or so devs and engineers.
As someone who does exactly that right now. Yes.
You need a Linux machine in a separate network with separate firewall rules and the developer has to devote a bit of their time to managing that machine.
It can even be centrally managed, if you have the capacity.
But why would you want that? To secure your shit while allowing the devs to to what they like to their equipment.
In an ideal world I agree with you, but when resources are limited, running a separate environment is not allways realistic.
^ this
As an example of scale, my company has an entire IT team of a handful of people for managing such an environment for a thousand or so devs and engineers.
My past role was a combined role of these:
Helpdesk technician
VIP technician
Linux system administrator
We didn’t effectively administrate the Linux environment, I was the only linux admin at the company, and I wasn’t even doing it full time.