| Cron can be particularly useful for admins, giving them the ability to have the system check logs every night at midnight or confirm file integrity every hour. On the other hand, being able to execute jobs later or automatically represents an abusable privilege for users and also makes their actions slightly harder to track.
Many sites choose to restrict cron to administrative accounts. We suggest this action to new admins especially, until they understand more about how cron can be abused and know more about which users need access to cron. We would like to create the /etc/cron.allow file of users who may use cron. You can add to that later. If we don't create this file, all users will be allowed to use cron. |