EXEC sp_configure 'show advanced option', '1' RECONFIGURE; GO EXEC sp_configure 'xp_cmdshell', 1 GO RECONFIGURE; -- remember to turn advanced options off again! EXEC sp_configure 'show advanced option', '0' RECONFIGURE GO
Thursday, 4 January 2007
SQL 2005 : Enabling XP_cmdshell
This is considered a big security 'no no', with access to external functionality preferred by developing a CLR assembly. With cmdshell enabled, users can effectively run any command :(
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment