restricting access to Startup applications for non-root user
It is a directory:
~/.config/autostart
in each user directory and
/etc/xdg/autostart
for global usage (there is no need to touch that one).
-
Log in with your admin account and change the user and group to your admin account:
sudo chown $USER:$USER /home/*/.config/autostart
where * are all your normal users.
That will prevent them from writing. The "others" is already set to r-x
so no write access.
You also need to prevent users from changing a setting called $XDG_CONFIG_HOME
and that is going to be difficult ... a user can set it directly from command line for that session only.
So if you want to prevent that you likely need to also disable access to the terminal and to any altering of ~/.profile
.