This may be a pedantic question, and I have asked it in the Oracle forum, but I thought I would cast my net wider.

In the Oracle Linux documentation, why is there no mention of what happens when these cron files are empty?
ie: Only root can use crontab.

Page 35:
https://docs.oracle.com/en/operating...MONITORING.pdf

"Controlling Access to Running cron Jobs
If permitted, users other than root can configure cron tasks by using the crontab
command. All user-defined crontab-format files are stored in the /var/spool/cron directory
with the same name as the users that created them.
root can use the /etc/cron.allow and /etc/cron.deny files to restrict access to cron.
crontab checks the access control files each time that a user tries to add or delete a cron
job. If /etc/cron.allow exists, only users listed in it are allowed to use cron, and /etc/
cron.deny is ignored. If /etc/cron.allow does not exist, users listed in /etc/cron.deny are
not allowed to use cron. If neither file exists, only root can use cron. The format of
both /etc/cron.allow and /etc/cron.deny is one user name on each line."

And it seems to be ditto for the at command.

Question that could be asked: “Why not just delete these files.”
Answer that could be given: “I do not know the environment, there could be AIDE's or PenTesting that specifically looks for these files and if they are empty.”

Thank you.

Which files? Are you referring to cron.allow and cron.deny? I expect many systems don't have those files, I don't. If as a user, you do either crontab -l (to list) or crontab -d (to edit) what you see as a user is the same as the file discussed in /var/spool/cron/crontabs/?username? file. I expect the file in that location (/var/spool/cron/crontabs) is created when the user creates a cron job. I'm not really that familiar but it makes sense that is the case.