How can I give a SQL Server user permission to run one stored procedure and nothing else?

Should be able to to do:

grant execute on xp_fixeddrives to username

go

xp_fixeddrives is an undocumented procedure. So basically, it doesn't exists. the is no documented way to grant, deny or revoke any permission on it and the result of executing it can be basically anything.

That being said, you can try to wrap the XP in an ordinary procedure, then use code signing to grant the needed permissions to the procedure, then grant EXEC to your user on the wrapper, similar to the example in my blog: Signing an activated procedure. This works on my machine. Your mileage may vary, as is the case anytime you use undocumented functionality:

use master;
go

create procedure usp_fixeddrives
with execute as caller
as
begin
  exec xp_fixeddrives;
end
go

grant execute on usp_fixeddrives to [low_priviledged_user];
go

create certificate [usp_fixeddrives]
  encryption by password = 'AnyPassword@1234!'
  with subject = N'usp_fixeddrives'
  , start_date = '11/05/2009';
go

add signature to [usp_fixeddrives]
  by certificate [usp_fixeddrives]
    with password ='AnyPassword@1234!';
go

create login [usp_fixeddrives] from certificate [usp_fixeddrives];
go

grant authenticate server to [usp_fixeddrives];
grant control server to [usp_fixeddrives];
go

alter certificate [usp_fixeddrives] remove private key;
go

You'll need to use EXECUTE AS for this in SQL 2005, and (I think) impersonate a sysadmin who's also an admin for the physical server. A regular user has no rights to the file system, hence no results. In SQL 2000, simply granting them rights to the SP would have worked.