RE: BCP command using TSQL without xp_cmdshell

SSC Guru

Points: 1003867

May 2, 2009 at 12:43 pm

george sibbald (5/2/2009)
as part of the same job enable xp_cmdshell just before the bcp and disable it again immediately afterwards

That would certainly work... I guess my question would be...

If the job being run can do that, what's to prevent other users from doing the same? The answer is security. xp_CmdShell requires SA privs to be executed. Disabling xp_CmdShell will not prevent a user with SA privs from enabling it and non SA users can do neither.

Enable xp_CmdShell, leave it enabled, and restrict all users but a "batch" user from having SA privs. There is no need to ever expose the password for that batch user either. It can all be done through callable jobs.

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)