You can also put the xp_cmdshell into a stored procedure and permission the sproc appropriately.
This is however another option, I am not suggesting that it is anyway safer than DTS. In fact you can even do a DTSRUN from a stored proc.
Kalman Toth, Database Architect
SQL Server Training - http://www.sqlusa.com/bestpractices2005