I agree with almost everything you said except the last part. I don't consider using SSIS (for example) to be a "more robust" way of doing things. More complicated, more costly, and requiring different skills, yes. More robust... well, that's only in the eyes of the beholder. Heh... I guess that's a bone of contention we'll never resolve between us.

Still, if a company wants to really limit the damage that can be done if someone does get in with "SA", then I absolutely agree with everything you've said. Guess I'll have to find a nice Windows forum and see if someone can come up with a method similar to the detection code you were kind enough to provide. Yep... I'm still interested in doing this (even though I'd probably never implement it on my machines) because just disabling xp_CmdShell provides no non-trivial safety. It's just too easy for someone with "SA" privs to reverse it or get around it using an EXEC task, OPENROWSET, etc.

Oh... and the "interactive command prompt" that they were referring to is actually cmd.exe. It will be interesting, once we find a way of disabling it for SQL Server, to see if such things as backups still work.