I guess I'm still an old fart. I like having my SQL and applications separate. Then if Phil is getting on the bandwagon ...
Jonathan, if you want to really freak folks out it's possible to get the size of a directory. Well the sum of it's contents anyway. Your fill row routine only needs to call a recursive function that gets the sum of all the file sizes. This is something that you can't do with the DIR command itself.
SPEAKING OF ACCOUNTS! Drive letters can mess you up bad. Each account can have it's own drive letters. So Y: for me can be different from Y: for you on the same machine. Thankfully MS has seen fit to NOT map drive letters if you are not on a GUI. Still (and I'll skip the long, drawn out, tirade) different accounts can see the file system world differently. Consult your system policy very carefully.
Using Dot Net code it's a bit more difficult to do:
DEL C:\*.* /S < y.txt
But not much more difficult. Sure everybody has a file with the letter y followed by carriage return and line feed.
Are CLR procs better than writing extended stored procedures. Well you can do the table valued thing and the UDF thing. So that's better. More safe, stable and secure. Forget your SQL server service. I can crash your whole OS using nothing but managed code.
It's a tool ladies and gentlemen. Same abuse vs safety arguments with all of them.