Re: xp_cmdshell default path (system32) problem

Hum...
My process actually uses information for tables to determine which
directories and files should actually be moved and deleted, so a static
batch file wouldn't work. However, building a batch file in code and then
xp_cmdshell to execute it might be a safer approach than executing the erase
commands directly from xp_cmdshell.

I did a little more testing and I was a little confused. It turns out that
it will NOT actually execute the delete if the patch I supply is not valid.
So, that's not as bad as I thought.

It would still be REALLY, REALLY nice if there was some way I code basically
make the whole WINNT directory and subdirectories OFF LIMITS for anything I
do in xp_cmdshell. I'm guessing there must be some way to do this by using
a proxy account for xp_cmdshell isn't there?

Currently my server is setup to run under the system service account rather
than a domain account. Also, this will eventually need to be scheduled to
run as a job. In that configuration, how would I go about configuring SQL
Server as a whole on that machine so that xp_cmdshell would ALWAYS run as a
specific Windows account? If I could do that then I could safe guard myself
by locking down the access that user has.


"John Bell" <jbellnewsposts@xxxxxxxxxxx> wrote in message
news:emNvp1v4JHA.1380@xxxxxxxxxxxxxxxxxxxxxxx

"Thomas Malia" <tommalia@xxxxxxxxxxxxxxxx> wrote in message
news:eh9NDlv4JHA.1716@xxxxxxxxxxxxxxxxxxxxxxx
I'm trying to create some maintenance scripts that need to manage files
in some directories. I want to purge files that are older than a given
number of days. I'm use xp_cmdShell to execute "erase" command like
commands to delete the files. The problem I'm concerned about is related
to the fact that xp_cmdshell appears to use c:\WINNT\SYSTEM32 as it's
default path.

I haven't executed the actual erase statements yet but rather have been
running test where I just perform a DIR instead of a ERASE to confirm
what WILL get deleted when I do it for real. The problem is, if the
directory that I supply doesn't exist, then the command appears to
opporate on the "default path". So for example if I do:

EXEC xp_cmdshell 'DIR c:\MyDir'

and "myDir" doesn't actually exist, then the xp_cmdShell is return the
same result set as if I executed:

EXEC xp_cmdshell 'DIR c:\WINNT\SYSTEM32'

This is more than a little scary since if I have had actually run this
command with ERASE instead of DIR then presumably it would have deleted
all file from the C:\WINNT\SYSTEM32 directory.... BAD THING!

Now, I can be REALLY, REALLY careful when I write my scripts to make sure
I use an existing directory. However, this doesn't protect me later when
my script is running as a scheduled job and some unssuspecting sole
happens to delete, rename or change the security settings on my directory
and now the next time the job runs I crush SYSTEM32!

There's got to be a better way to handle this... isn't there!?!

PLEASE HELP!

Hi Thomas

The easiest solution would be to run a batch file specifying the full path
to it.

Johm


.

Relevant Pages

  • Re: basic command pipe question
    ... =>to erase a bunch of files in one go. ... will execute a seperate process for *EACH* file to be deleted and would potentially overflow before the for loop even starts. ... Although, if I understand properly what's happening here, the pipe solution allows files to be erased as they are found in the filelist, while the gobbing method first requires that all files that match be found, then each command is executed one after another. ...
    (Fedora)
  • Re: Perfmon and batch file
    ... > event viewer and run command file. ... > but no execute the cmd file or execute it but not execute the ... You are probably making some assumptions in your batch file ... @echo off ...
    (microsoft.public.windows.server.general)
  • Re: SEPKILL /im SMC.EXE /f
    ... Subject: SEPKILL /im SMC.EXE /f ... Save the following as a batch file and execute it ... If done from a batch file the command is completed only when the process is stopped. ...
    (Bugtraq)
  • Re: xp_cmdshell default path (system32) problem
    ... I'm use xp_cmdShell to execute "erase" command like commands to delete the files. ... I haven't executed the actual erase statements yet but rather have been running test where I just perform a DIR instead of a ERASE to confirm what WILL get deleted when I do it for real. ... The problem is, if the directory that I supply doesn't exist, then the command appears to opporate on the "default path". ... However, this doesn't protect me later when my script is running as a scheduled job and some unssuspecting sole happens to delete, rename or change the security settings on my directory and now the next time the job runs I crush SYSTEM32! ...
    (microsoft.public.sqlserver.programming)
  • Re: xp_cmdshell default path (system32) problem
    ... I'm use xp_cmdShell to execute "erase" command like commands to delete the files. ... I haven't executed the actual erase statements yet but rather have been running test where I just perform a DIR instead of a ERASE to confirm what WILL get deleted when I do it for real. ... The problem is, if the directory that I supply doesn't exist, then the command appears to opporate on the "default path". ... However, this doesn't protect me later when my script is running as a scheduled job and some unssuspecting sole happens to delete, rename or change the security settings on my directory and now the next time the job runs I crush SYSTEM32! ...
    (microsoft.public.sqlserver.programming)