March 11, 2011 at 4:08 pm
Hi ALL,
I have Transactional replication running. I also have noticed today that xp_cmdShell setting to be on. I am on SQL 2008 R2.
I know this is a security risk. When I ran the following SQL
use distriubution
go
SELECT ROUTINE_SCHEMA, ROUTINE_NAME, ROUTINE_DEFINITION
FROM INFORMATION_SCHEMA.ROUTINES
WHERE ROUTINE_DEFINITION LIKE '%xp_cmdshell%'
AND ROUTINE_TYPE='PROCEDURE'
ORDER BY ROUTINE_SCHEMA, ROUTINE_NAME
I have the result set "sp_MSdelete_publisherdb_trans"
Can I disable xp_cmdSHell. What is the way to identify where all it being used?
I tried running it on other db's too . Only msdb returned a result for setting local time.
Plzzz Help
March 16, 2011 at 7:22 am
We have Transactional replication set up between SQL 2008 SP1 Servers. We do not have xp_cmdshell enabled. I do not think that it uses xp_cmdshell but it probably uses Operating System(CmdExec) to do everything. That does not need xp_cmdshell to be enabled.
-Roy
July 23, 2024 at 11:46 am
What is the way to identify where all it being used?
SELECT definition
FROM sys.system_sql_modules
WHERE definition LIKE '%xp_cmdshell%';
July 23, 2024 at 7:41 pm
I'd say you need:
EXEC sp_msforeachdb 'use ? SELECT ''?'', definition FROM sys.all_sql_modules WHERE definition LIKE ''%xp_cmdshell%'';'
GO
USE msdb
GO
SELECT s2.job_id, s2.name, s.step_name FROM dbo.sysjobsteps AS s INNER JOIN dbo.sysjobs AS s2 ON s2.job_id = s.job_id
WHERE command LIKE '%xp_cmdshell%'
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy