This may be a pedantic question, and I have asked it in the Oracle forum, but I thought I would cast my net wider.
In the Oracle Linux documentation, why is there no mention of what happens when these cron files are empty?
ie: Only root can use crontab.
Page 35:
https://docs.oracle.com/en/operating...MONITORING.pdf
"Controlling Access to Running cron Jobs
If permitted, users other than root can configure cron tasks by using the crontab
command. All user-defined crontab-format files are stored in the /var/spool/cron directory
with the same name as the users that created them.
root can use the /etc/cron.allow and /etc/cron.deny files to restrict access to cron.
crontab checks the access control files each time that a user tries to add or delete a cron
job. If /etc/cron.allow exists, only users listed in it are allowed to use cron, and /etc/
cron.deny is ignored. If /etc/cron.allow does not exist, users listed in /etc/cron.deny are
not allowed to use cron. If neither file exists, only root can use cron. The format of
both /etc/cron.allow and /etc/cron.deny is one user name on each line."
And it seems to be ditto for the at command.
Question that could be asked: “Why not just delete these files.”
Answer that could be given: “I do not know the environment, there could be AIDE's or PenTesting that specifically looks for these files and if they are empty.”
Thank you.