You cannot edit /etc/crontab without root. I'm not talking about dropping privileges for the job.

Although speaking of which, cron dropping privileges is not as secure as systemd running as the user before parsing the user's timers, from a defense-in-depth perspective.

But non-root users still have their own crontab, which you don't need sudo to edit.

That depends on which cron you're using, not all of them support user crontabs (and the ones that do probably have subtle differences in behavior).

I was unaware of that, so thank you for the education. But for what it's worth, I have never seen a Linux system which didn't have user crontabs. So even if not universal, it is at least very widespread to the point that you can bet on its presence.

Give me an example of cron, which doesn't support user crontabs? Let me list three that support user crontabs: (a) cronie is controlled by /etc/cron.{allow, deny}; when the latter files are not present, every user can submit cron jobs to crond. (b) One can set up Anacron within the user's home directory[1]. (c) systemd timer is another kid on the block; any user can create a systemd.timer unit.

[1] https://opensource.com/article/21/2/linux-automation

It’s true that root can disable user crontabs but the cron that’s shipped with all popular Linux distributions does have built-in support for them.