You can grant and revoke permissions on an ESP as you would on a regular stored procedure.
In addition to normal Adaptive Server security, you can use the xp_cmdshell context configuration parameter to restrict execution permission of xp_cmdshell to users who have system administration privileges. Use this configuration parameter to prevent ordinary users from using xp_cmdshell to execute operating system commands that they would not have permission to execute directly from the command line. The behavior of the xp_cmdshell context configuration parameter is platform-specific.
By default, a user must have sa_role to execute xp_cmdshell. To let other users run xp_cmdshell, grant them permission with the grant command; you can withdraw it again with revoke. Permissions granted or revoked this way apply whether xp_cmdshell context is set to 0 or 1.
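The two controls above, combined in one isql session for reviewing and tightening access. This is an added example, not taken from the product documentation: it assumes xp_cmdshell is stored in sybsystemprocs, and ops_batch is a hypothetical user who already exists in that database.

```sql
-- Added example. ops_batch is a hypothetical user name; sybsystemprocs is
-- assumed to be the database that holds xp_cmdshell.

-- 1. Show the current value of the parameter before changing anything.
sp_configure "xp_cmdshell context"
go

-- 2. Set it to 1, the value that applies the restriction described above.
--    The effect is platform-specific, so verify it on each host.
sp_configure "xp_cmdshell context", 1
go

-- 3. List who holds permission on xp_cmdshell today. Anything beyond the
--    default (sa_role only) should have a documented reason.
use sybsystemprocs
go
sp_helprotect xp_cmdshell
go

-- 4. Grant execute to the single account that needs it, not to public.
grant execute on xp_cmdshell to ops_batch
go

-- 5. Withdraw the permission when the need ends.
revoke execute on xp_cmdshell from ops_batch
go

-- 6. Confirm that the listing matches what you intended.
sp_helprotect xp_cmdshell
go
```

Steps 4 and 5 behave the same with the parameter at 0 or 1, so the grant list needs reviewing on its own, not just the parameter value.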