Xp_regread

[Barb]

A security document recommended not dropping Xp_regread.
It did not say why. Can someone tell me why this should
not be dropped? Other documents suggest dropping it.
Thanks.

 

[Drew Cooper [MSFT]]

This question is better asked on one of the SQL security newsgroups.
microsoft.public.sqlserver.security ?

What doc said not to drop it? Was it from MSFT?

I'm not a SQL guru, but my first impulse would be to remove anything that
isn't necessary to reduce attack surface. Why risk some blackhat reading
your registry?