• opc.three (4/24/2013)


    I would also like to mention again that Microsoft has initialized the xp_cmdshell option as "disabled" since SQL 2005 and just about every "Security Best Practices" document, book or respected figure on the topic recommends leaving it disabled.

    Which is plainly stupid.

    Yes, MS settings are stupid, and all those "Security Best Practices" are stupid.

    Because - there is no way to disable xp_cmdshell for those users which could possibly run it.

    If a user has privileges to execute xp_cmdshell the very same user has privileges to enable/disable it at any moment.

    You may only "disable" xp_cmdshell by some HR policy.

    But it will only prevent constructive, controllable use of the functionality, with no effect on any malicious activity.

    Because malicious activity is not about following company rules - that's why it's named malicious.

    Disabling xp_cmdshell for security reasons is like replacing a front door to your house with a turnpike accompanied with a strong warning about crossing the line.

    It may stop only good people from entering your house.

    But thieves - they will only laugh at such "security". And a strong warning will only remind them to be careful and not leave fingerprints inside (thank you, hosts).

    How stupid does that sound?

    _____________
    Code for TallyGenerator
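
Added example, not part of the post above or of anyone's code in this thread: a read-only T-SQL audit that lists, for one instance, the principals who can change the xp_cmdshell option and the principals who hold EXECUTE on the procedure, so the two sets can be compared. It assumes it is run in master by a login that can see server-level metadata (for example a sysadmin).

```sql
-- Added example: read-only audit, changes no setting or permission.
USE master;

-- 1. Current state of the option (value = configured, value_in_use = running).
SELECT name, value, value_in_use
FROM sys.configurations
WHERE name = N'xp_cmdshell';

-- 2a. Members of the fixed server roles that can run sp_configure to change it.
SELECT m.name AS principal_name, m.type_desc, r.name AS server_role
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name IN (N'sysadmin', N'serveradmin');

-- 2b. Principals with an explicit grant that also allows changing it.
SELECT p.name AS principal_name, p.type_desc, sp.permission_name, sp.state_desc
FROM sys.server_permissions AS sp
JOIN sys.server_principals AS p ON p.principal_id = sp.grantee_principal_id
WHERE sp.permission_name IN (N'ALTER SETTINGS', N'CONTROL SERVER')
  AND sp.state IN ('G', 'W');   -- GRANT or GRANT WITH GRANT OPTION

-- 3. Database principals in master granted EXECUTE on xp_cmdshell directly.
--    (sysadmin members do not need this grant and will not appear here.)
SELECT dp.name AS principal_name, dp.type_desc, perm.state_desc
FROM sys.database_permissions AS perm
JOIN sys.database_principals AS dp ON dp.principal_id = perm.grantee_principal_id
WHERE perm.class = 1            -- object-level permission
  AND perm.major_id = OBJECT_ID(N'sys.xp_cmdshell')
  AND perm.permission_name = N'EXECUTE';

-- 4. Proxy credential used for callers that are not sysadmin, if one is set.
SELECT name, credential_identity, modify_date
FROM sys.credentials
WHERE name = N'##xp_cmdshell_proxy_account##';
```

Role membership through Windows groups is not expanded by these queries; a group listed in 2a stands for all of its members.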