Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Steve Jones SQLCMD RE: SQLCMD

  • November 20, 2013 at 10:33 pm

    #1668022

    Jeff Moden (11/20/2013)

    opc.three (11/20/2013)

    Chances are I could accomplish this through a SQLCLR. I could definitely setup an Agent job that a low-priv user could run by executing a stored proc.

    Heh... who on this good green Earth with even an ounce of concern for security would allow that to happen in an uncontrolled manner? Yes, I agree that there are many ways that, as an SA prived DBA, I could allow that to happen. That's part of my point. It either takes a person with SA privs to use it, never mind enable it. The exception to the enabling rule is that someone with Control Server privs could also enable it. Any DBA that gives a non-DBA those privs should be fired for reasons of bad security. The exception to direct usage is if some DBA is dumb enough to grant usage privs to a non-DBA user to execute xp_CmdShell directly. The DBA should be fired for that mistake, as well.

    Ahhh, some common ground. And to that end, just because you can, doesn't mean you should 😉

    And I understand about the backup thing. My question to you was do you know of any xp that can delete text or other files? I do. It's called xp_CmdShell 😉

    And my question to you is, why would you ever need to delete text files on the host operating system's file system using T-SQL? The answer is you don't.

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato