We recommend that every user in the productive environment can only execute commands using the keyword "sudo".
For initializing commands from package managers, such as "yum", "apt-get", "zypper", we recommend that these are completely prohibited. Furthermore, it is recommended that commands such as "curl", "wget", etc., which can download data from the Internet. Furthermore, every non-admin user should have read-only access to cluster hosts. For this purpose, the command