Let the shell free

  • Comments posted to this topic are about the item Let the shell free

  • The correct answer is only a 1/4 correct. You also have to enable advanced options and RECONFIGURE twice (once for the advanced options and once to enable xp_CmdShell.

    Heh... of course, the way I look at it, you shouldn't have to enable it. It should already be enabled because there's no security advantage to disabling it. 😉

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

  • Jeff Moden (10/23/2016)


    The correct answer is only a 1/4 correct. You also have to enable advanced options and RECONFIGURE twice (once for the advanced options and once to enable xp_CmdShell.

    Heh... of course, the way I look at it, you shouldn't have to enable it. It should already be enabled because there's no security advantage to disabling it. 😉

    Actually it's really only 1/6 correct, because you might want to disable advanced options and reconfigure again.

    I agree that it's been pretty pointless having it disabled as default since the holes in the proxy handling were fixed maybe 14 years ago (I can't remember which service pack fixed that, but I know is it was later than 2002 and earlier than 2005).

    Tom

  • TomThomson (10/24/2016)


    Jeff Moden (10/23/2016)


    The correct answer is only a 1/4 correct. You also have to enable advanced options and RECONFIGURE twice (once for the advanced options and once to enable xp_CmdShell.

    Heh... of course, the way I look at it, you shouldn't have to enable it. It should already be enabled because there's no security advantage to disabling it. 😉

    Actually it's really only 1/6 correct, because you might want to disable advanced options and reconfigure again.

    I agree that it's been pretty pointless having it disabled as default since the holes in the proxy handling were fixed maybe 14 years ago (I can't remember which service pack fixed that, but I know is it was later than 2002 and earlier than 2005).

    Only 14 years and the fear lives on. 😉

  • Jeff Moden (10/23/2016)


    The correct answer is only a 1/4 correct. You also have to enable advanced options and RECONFIGURE twice (once for the advanced options and once to enable xp_CmdShell.

    Heh... of course, the way I look at it, you shouldn't have to enable it. It should already be enabled because there's no security advantage to disabling it. 😉

    Isn't it disabled by default? If so, you'd need to enable it at least once.

    Luis C.
    General Disclaimer:
    Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?

    How to post data/code on a forum to get the best help: Option 1 / Option 2
  • Luis Cazares (10/24/2016)


    Jeff Moden (10/23/2016)


    The correct answer is only a 1/4 correct. You also have to enable advanced options and RECONFIGURE twice (once for the advanced options and once to enable xp_CmdShell.

    Heh... of course, the way I look at it, you shouldn't have to enable it. It should already be enabled because there's no security advantage to disabling it. 😉

    Isn't it disabled by default? If so, you'd need to enable it at least once.

    It can also be enabled by Policy-Based Management but, basically, you're correct. It's a part of my "configure a new server" script to turn enable it.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

  • Interesting discussion... Thanks, Steve!

  • Nice question, thanks.

    Need an answer? No, you need a question
    My blog at https://sqlkover.com.
    MCSE Business Intelligence - Microsoft Data Platform MVP

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply