Kenneth Wilhelmsson (2/27/2008)
Security concerns around xp_cmdshell is a valid point...
I've found that most of the security concerns about xp_CmdShell are mostly based on emotion rather than anything practical. Turning it off provides no real layer of security and only hinders those that need to use it. The ONLY security concern I have about is those that allow non-SA users to use it directly. It can and should be all done through stored procedures.
--Jeff Moden
Change is inevitable... Change for the better is not.