• opc.three (3/24/2013)


    It is their choice ultimately, but to paraphrase a comment you have made in the past, characterizing xp_cmdshell as "safe as a SELECT statement" is just plain inaccurate. In the spirit of full disclosure, and especially on a public forum, I'll call out the problems with xp_cmdshell every single time and steer people towards more secure, more extensible and more auditable solutions. The fact is that a system with xp_cmdshell disabled has less security exposures, has less vulnerabilities and is more auditable than a system where it is enabled. I feel like it is irresponsible to portray xp_cmdshell in any other way.

    No, it's not inaccurate. What is inaccurate is you saying that turning off xp_CmdShell provides any kind of additional security in the face of bad security. It just doesn't. Whether it's turned on or off, if someone gets in with "SA" privs, it's going to be a career changing moment for you. People need to realize that there's no benefit to having it turned off because the first thing any attacker, internal or external, is going to do is turn it on.

    To push the idea that as long as only a few people are in the sysadmin Role and there is no Proxy setup that your instance is secure and auditable is simply not true, speaking of lulling people into a false sense of security.

    Fine. Support your words as I have supported mine. If only a few (let's say, 2 DBAs) very trusted individuals have "SA" privs and none of those "individuals" are actually externally (outside SQL Server) facing apps (an important point that you've left out that I've emphasized time and again), what kind of problems is having xp_CmdShell turned on going to cause and what kind of problems will be avoided by having it turned off?

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)
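The three controls the thread argues over (whether xp_cmdshell is enabled, who sits in the sysadmin role, and whether a proxy account exists) can all be read from the catalog. The following T-SQL is an added audit snapshot, not code from Jeff's post or from the thread; it assumes SQL Server 2005 or later, where `sys.configurations`, `sys.server_role_members` and `sys.credentials` exist, and the proxy credential name `##xp_cmdshell_proxy_account##` is the one SQL Server creates for sp_xp_cmdshell_proxy_account.

```sql
-- Added audit snapshot (not from the thread): capture the state of the
-- controls the xp_cmdshell debate hinges on, so the result can be kept
-- and compared over time.

-- 1. Is xp_cmdshell currently enabled?
--    sys.configurations shows the value even when
--    'show advanced options' is off.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = 'xp_cmdshell';

-- 2. Who holds sysadmin? These principals can re-enable xp_cmdshell
--    regardless of the current setting, which is Jeff's point; the
--    member list is what actually bounds the exposure.
SELECT m.name        AS member_name,
       m.type_desc   AS principal_type,   -- SQL_LOGIN, WINDOWS_LOGIN, WINDOWS_GROUP, ...
       m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.name;

-- 3. Is a proxy account configured? If so, non-sysadmin users granted
--    EXECUTE on xp_cmdshell can run it under that Windows identity,
--    which widens the exposure beyond the sysadmin list above.
SELECT name, credential_identity, create_date, modify_date
FROM sys.credentials
WHERE name = N'##xp_cmdshell_proxy_account##';
```

Run all three as a sysadmin-level reviewer and store the output with a date; a later diff of the sysadmin membership or the appearance of the proxy credential is the change worth investigating, whichever side of the enable/disable argument one takes.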