Who is granted EXECUTE on xp_cmdshell ?
-
I'm posted this question to every newsgroup I know but without any satisfactory response.
As you know, EXECUTE on xp_cmdShell can be granted to anyone.
I tried sp_helprotect xp_cmdShell to know all the people granted EXECUTE on it
But this always gives a blank response
Just try this
1) Create a new login
2) Do not include this new login in the sysadmins role
3) Grant EXECUTE on xp_cmdShell to this login
4) În Query Analyzer, type sp_helprotect xp_cmdshell
5) what do you get ?
-
Works for me. Can you give other details about the login (i.e. is it permitted use in any database, what roles are assigned to it), the version of SQL Server you are running, what service pack, etc. Sorry I can't give you more off the top of my head but, I have not seen that before. Anyone else seen this?
David
@SQLTentmaker“He is no fool who gives what he cannot keep to gain that which he cannot lose” - Jim Elliot
-
I'm not having any problems when I explicitly define someone to have EXECUTE access (whether GRANT or DENY), either. What about when you deny access, even to a sysadmin role? Does it show up then?
K. Brian Kelley
K. Brian Kelley
@kbriankelley -
solved !!
Use Master
sp_helpprotedt...
did the trick
You have to be in master to get a correct answer.
Thanks for your input
-
It's always nice when it's a simple thing like that... but getting to the answer is often oh so annoying!
K. Brian Kelley
http://www.sqlservercentral.com/columnists/bkelley/
K. Brian Kelley
@kbriankelley
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply