Ensure at and cron utilities are restricted to authorized usersID: oval:org.secpod.oval:def:72657 | Date: (C)2021-05-28 (M)2023-07-04 |
Class: COMPLIANCE | Family: unix |
Configure /etc/cron.allow and /etc/at.allow to allow specific users to use these services. If /etc/cron.allow or /etc/at.allow do not exist, then /etc/at.deny and /etc/cron.deny are checked. Any user not specifically defined in those files is allowed to use at and cron. By removing the files, only users in /etc/cron.allow and /etc/at.allow are allowed to use at and cron. Note that even though a given user is not listed in cron.allow, cron jobs can still be run as that user. The cron.allow file only controls administrative access to the crontab command for scheduling and modifying cron jobs.
Platform: |
Red Hat Enterprise Linux 7 |