opc.three (3/26/2013)
Jeff, I respect your position, however vehemently I might disagree with it. You make valid points but for me, xp_cmdshell is not and never will be cast in a positive light and hope it is eventually dropped from the product like some of the other Extended Stored Procedures that have started to get picked off as the releases roll by.
I also respect your personal position on the subject but you're still missing the point. I don't mind you casting a bad light on xp_CmdShell and recommending that people don't use it even if I disagree with that position. Tell them about the alternatives that you use. I just don't want people to think that turning xp_CmdShell off provides them with any form of protection from command line usage because it doesn't. Any user with "SA" privs can get to the command line in a totally undetectable fashion even if xp_CmdShell is turned off and bad security is the real problem.
--Jeff Moden
Change is inevitable... Change for the better is not.