I'm not saying you should allow all your devs access to the prod server in practice (security in layers and all that). I'm saying, if you wouldn't trust a person to be competent and aligned enough with your goals to have that access in principle, why would you trust them to write code for you? Code that's going to run on that very same server you're so protective about. Sure you may scrutinize every line they write in detail, but then what's the point of hiring them?