16 February,2015 by Jack Vamvas
Xp_cmdshell is possibly the most dangerous extended stored procedure on the planet. I’ve seen some serious impact on a combination of xp_cmshell enabled and sysadmin rights. The main reason for it’s dangerous image is xp_cmdshell allows shell scripts to execute on OS.
My general rule is to not allow non DBAs xp_cmdshell direct access. If a user requests xp_cmdshell with a valid and pragmatic reason, then I’ll set up a stored procedure – allowing them to run only xp_cmdshell through this stored procedures. Think about adding a check on input parameters to this managed store procedure
There are valid reasons for granting a user xp_cmdshell. A review is essential. Some risk analysis should be implemented , weighing the security risks and benefits associated with granting xp_cmdshell privileges to a login
SELECT CONVERT(INT, ISNULL(value, value_in_use)) AS config_value FROM sys.configurations WHERE name = 'xp_cmdshell' ;