The cron and at services are used to allow commands to be executed at a later time. How do I restrict them to selected users such as root, opt1, opt2 and so on? How do I make sure user php can run php script but cannot modify or install a new job?