That's precisely what I'm afraid of, Orlando. People saying they'd take that kind of a trade 100% of the time. I know you know better (the larger picture) but there are people that don't. They'll believe that just because they're using a CLR and that that they've got xp_CmdShell disabled, that their system is secure and that an attacker can't use xp_CmdShell or any other method to get to a command prompt with extraordinary privs intact. You and I both know better than that.

To wit, if you have a properly secured system, it isn't going to matter if you have xp_CmdShell turned on or not. In fact, you could have stored procedures that use it and your system would still be properly locked down. xp_CmdShell has nothing to do with security risks and does not enable or prevent any risk. Bad security does. 😉