Solved

Removing xp_cmdshell

Posted on 2006-11-21
10
263 Views
Last Modified: 2010-07-27
I have a SQL Server 2000 database that was recently audited and they suggested we remove the xp_cmdshell stored proc.  I don't think I have an issue with that because I am not using it for anything that I know of.  Can anyone tell me what the impact of removing that and how can I remove it in a perminate way.  

Thanks
Jym
0
Comment
Question by:jymmealey
  • 3
  • 3
  • 3
  • +1
10 Comments
 
LVL 12

Expert Comment

by:Einstine98
Comment Utility
No impact except that y ou can't run command shell scripts from within your SQL... if you are not using you may not need it for now.
0
 
LVL 2

Author Comment

by:jymmealey
Comment Utility
I am using it at all, how do I remove it?
0
 
LVL 12

Accepted Solution

by:
Einstine98 earned 250 total points
Comment Utility
try this : sp_dropextendedproc "xp_cmdshell"
0
 
LVL 2

Author Comment

by:jymmealey
Comment Utility
I read that it would be possible to re-install the proc unless you remove the dll?   Any problems there?  Which dll?

Thanks
0
 
LVL 69

Assisted Solution

by:ScottPletcher
ScottPletcher earned 250 total points
Comment Utility
You have to have 'sa' authority to use xp_cmdShell (or be GRANTed EXEC authority).  So, unless other users on the box have 'sa' authority, there is no danger to cmdshell, and it can come in handy for administrators at times.

Btw, if another user does have 'sa' authority, he/she might be able to re-add xp_cmdShell even if you deleted it (not sure about the details of that for a system xp like cmdshell, but it may be possible).
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 69

Expert Comment

by:ScottPletcher
Comment Utility
The .DLL is  xplog70.dll
0
 
LVL 2

Author Comment

by:jymmealey
Comment Utility
Is there anything else in that DLL besides xp_cmdshell?

0
 
LVL 69

Expert Comment

by:ScottPletcher
Comment Utility
That's a *good* q.  Not that I know of off the top of my head, but I have *not* investigated any.
0
 
LVL 12

Expert Comment

by:Einstine98
Comment Utility
I wouldn't remove the DLL, this may cause Micorosoft to be unhappy and refuse support... (not sure, but I know with the sendmail one they used to refuse support...)

you can keep the dll with no right for anywone (including SQL) to access it and see what happens.
0
 
LVL 42

Expert Comment

by:EugeneZ
Comment Utility
Agree with Einstine98 :
              the xp_cmdshell is very good proc for dba tasks:
you just need to keep it safe: review execute permissions,etc.



0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Introduced in Microsoft SQL Server 2005, the Copy Database Wizard (http://msdn.microsoft.com/en-us/library/ms188664.aspx) is useful in copying databases and associated objects between SQL instances; therefore, it is a good migration and upgrade tool…
Introduction In my previous article (http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SSIS/A_9150-Loading-XML-Using-SSIS.html) I showed you how the XML Source component can be used to load XML files into a SQL Server database, us…
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now