RE: How to call a batch file to execute from an SP

SSC Guru

Points: 1003894

March 24, 2013 at 4:04 pm

opc.three (3/24/2013)
Jeff Moden (3/24/2013)
The problem is that you only think you're locking the doors by turning off xp_CmdShell. What you forgot to do is to take the keys off the hook next to the doorknob.
Who in their right mind would have a key-hook on the outside if their house 😛

BWAAA-HAAA! Maybe the cousins of the ones that lock the door and leave the key in it?

But that does exemplify the thoughts I have on the xp_CmdShell subject. "Who in their right mind" would think that turning xp_CmdShell provides any kind of improved security at all? Too many people think that turning off xp_CmdShell provides a locked door. While it While it may physically lock the door and require someone with a key to unlock it, too many people either leave the keys close to the door or actually leave the key in the door.

I'm not so much interested in compelling people to use xp_CmdShell. That's up to them. I just don't want anyone to believe for even a micro second that turning of xp_CmdShell does anything substantial to improve security. That's all.

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)