To learn, one has to try something new. To try something new means risking failure. If you're not making a few mistakes, you're not trying to learn. In my opinion, one of the best ways to help someone onward is to give them just a little more responsibility than they can handle.

Now, mistakes cannot realistically be tolerated in a production environment, hence the need for the dev, test, pre-prod and sandpit environments. However, what's the use in creating somewhere for developers to develop (together with the bugs they'll encounter along the way) and then locking it down so tight as to all but stifle the development?

As we've discussed on previous threads, I believe security is only in part a technical issue, the greater part being the human dimension. If the DBAs and developers in a team work at their relationship rather than relying on technical safeguards and barriers, the understanding that grows between them can be reflected in wider (monitored) freedom within the volatile development environments. And, because this scenario involves DBA and developer working together, any code that has to be promoted to live has already become familiar to everyone involved.

Yes, I believe there's a happy medium, but I don't believe it to be a compromise. Rather, I believe it to be the best of both worlds.