The /var/adm/cron/cron.allow file defines which users on the system are able to schedule jobs via cron. Rationale: The /var/adm/cron/cron.allow file defines which users are able to schedule jobs via cron. Review the current cron files and add any relevant users to the /var/adm/cron/cron.allow file. NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Review the current cron files: ls -l /var/spool/cron/crontabs/ cat /var/spool/cron/crontabs/* NOTE: Review the list of cron schedules and remove any files which should not be there, or have no content. Add the recommended system users to the cron.allow list: echo 'sys' >> /var/adm/cron/cron.allow echo 'adm' >> /var/adm/cron/cron.allow Add any other users who require permissions to use the cron scheduler: echo <user> >> /var/adm/cron/cron.allow NOTE: Where <user> is the username. Default Value: N/A