We need to secure the access to variables at environment level and currently although it looks possible to do so, environment is an available scope option for allowing and denying the viewing and editing of variable, it currently does not work.
We are using Octo.exe within TeamCity to create releases in our dev environment and we need to ensure that the user we use for that is unable to deploy to other environments including viewing or editing variables.