at Command Security

You can set up a file to control access to the at command, permitting only specified users to create, remove, or display queue information about their at jobs. The file that controls access to at, /etc/cron.d/at.deny, consists of a list of user names, one per line. The users listed in this file cannot access at commands.

The at.deny file, created during SunOS software installation, contains the following user names:

daemon
bin
smtp
nuucp
listen
nobody
noaccess

With superuser privileges, you can edit this file to add other user names whose at access you want to restrict.