Home Forums SQL Server 7,2000 Administration xp_cmdshell RE: xp_cmdshell

  • May 6, 2013 at 4:02 pm

    #1612803

    EdVassie (12/18/2007)

    sp_configure 'xp_cmdshell' is only available in SQL 2005 and above.

    In SQL 2000, the best way to disable xp_cmdshell is to modify its permissions in master to prevent use by Public. This will still allow sysadmin users to run xp_cmdshell.

    To stop sysadmin users running it, drop the extended proc xp_cmdshell. This will prevent anyone running it. It you do drop the proc, make sure you know how to re-instate it if needed.

    Hey, Ed! I know this is an old post but do you know of any sure-fire way to prevent "SA" users from using xp_CmdShell if they decide they want to turn it on?

    --Jeff Moden

    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.

    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)