Dave Vroman (6/20/2013)
[p]Because of PCI compliance, both xp_cmdshell and db_sendmail are disabled on our database servers. I needed to get some of my tasks to send email to me so I used CDOSYS.
Since anyone with "SA" privs (attacker or overcurious DBA) can easily get to the command prompt either by turning xp_CmdShell on or through other methods, I'm curious why the PCI would require such a thing. It's been years since I've read/studied the PCI spec. Do you happen to have a link for it?
--Jeff Moden
Change is inevitable... Change for the better is not.