What is typically frowned upon are ad hoc distributed queries.
Ad Hoc Distributed Query Option
The reason this type of access is typically bad is it could potentially allow a user to make a remote connection in the context of the SQL Server service account. Obviously this would mean a user might be able to make a connection which has greater privileges than the user actually has. The solution to this problem is... you guessed it... linked servers because you can control the logins and how they map.
With respect to linked servers there are two main arguments. If you have Windows authentication coming in and Windows authentication coming out in context of the user, then you've got to set up both SQL Servers for Kerberos authentication (not a big deal) but you've also got to set up the first SQL Server's service account to be able to do Kerberos delegation (a big deal because it is now impersonating users). If you don't go that route, you've got one of the connections as a SQL Server login, with the usual arguments against that. And that actually raises the second argument, in that if it's a SQL Server-based login traversing the linked server connection, that means that the username/password combination is being stored on the first server, albeit encrypted. Thus far I don't know of any literature which shows that the password encryption has proven any weaker than the standard password encryption, so I don't put much stock in that.
Another, weaker argument is that since you've got a linked server connection defined, that there is something which folks can see that would indicate a link between the two SQL Servers. However, if you're doing replication, the same type of evidence is there.
Probably the best way to handle this is to understand what the objections are. There's got to be a reason they are "No linked servers allowed," and it usually involves someone hearing/reading something or someone in the past not setting things up in a secure way. Ultimately it's a business decision (security always is as it is a trade-off with functionality), so try and approach it from that direction. There's a cost to doing it via alternative methods. When the cost vs. risk is considered, they may back off, especially if you've been able to show that you mitigate any significant risk that they may express as to why they block linked servers in the first place.
K. Brian Kelley