outside of debian (where most programmer types DO have a very solid grasp of sysadmin concepts), most programmers just aren’t interested in sysadmin-type things, which is why a system administered by a programmer is usually a complete mess, with crap slopped all over the place, and vital stuff running out of some programmer’s home directory (which, of course, breaks when they quit and their account is disabled), and other abominations.

similarly, many sysadmins have about as much interest in large programming projects as programmers have in systems administration. most sysadmin programming is writing and/or applying patches; hacking code, Makefiles, configure files etc so that they actually bloody compile; quick and dirty hacks; data mangling tools; systems automation stuff…i.e. mostly sysadmin tools, not applications.

there are people who are interested in and even good at both, but they are the exception, not the rule. compared to the general geek population, debian has an extraordinarily large percentage of people like this.

i.e. two complimentary, but different, skill sets. and two different definitions of what kind of things are “interesting enough” to devote considerable time and attention to.

FWIW, i’m a sysadmin, not a programmer. my basic rule of thumb is that if a project takes more than about 2 or 3 screenfuls of code to write, or if it requires an end-user interface, then get a programmer to do it. anything less than that, i’ll do myself. I’m just not interested enough in C to ever get really good at it…i’m a reasonably proficient amateur C coder and not likely to ever become an expert. Over the years, i’ve maintained several packages within debian that were way beyond my ability to code myself, but which were well within my ability to make small patches to, organise into a logical system according to debian policy, and generally package properly.

for security stuff, though, i tend to agree with you – if you’re doing anything security sensitive then you need a solid understanding of security issues….both from a programmers’ perspective AND a sysadmin’s.

one of my packages, postfix-tls, was particularly security sensitive. i managed to do a good job of it because i had a good knowledge of security from a sysadmin’s perspective and enough C knowledge for read-mostly understanding of the code, PLUS good communication with and trust of the upstream author’s skill. (postfix-tls is now obsolete because the stupid US export crypto laws were changed and no longer prohibit crypto in the main postfix package)

BTW, i’ve always thought of debian as being a distribution designed by sysadmins for sysadmins – because sysadmin types want a coherent, consistent system and the only way to get that is with policies and standards. most other distros are put together primarily by programmers rather than sysadmins – and it shows.