How do I ensure that users can run only applications that have been installed in /Applications?

macos applications accounts

With managed (parental control) accounts and "Allow apps downloaded from Mac App Store and identified developers" enabled, users are still able to download and run other applications.

I want to prevent this.

enter image description here


Solution 1:

You can easily do this by managing apps for that user in Parental Controls.

See this screen shot to limit apps. It is a per-app setting, so you need to maintain the list of allowed apps. The setting you posted in your question is for managing the code signing status of apps and not for restricting certain apps and certain user accounts.

enter image description here

Related

Mac mail prevent mark as read
Is it possible to resize video in iMovie?
El Capitan SIP and CPAN
How is OS X able to authenticate to my router even when the disk is removed?
Use mdfind to identify all encrypted dmg?
Install new NANO (2.4) using BREW but still uses old versions (symbolic link not created?)
Merging pandas dataframes generated by for loop
How to make placeholder text permanent and space between
C++ Variadic Templates for a General-Purpose and Fast Data Storage Container Builder
Prevent dialog from closing on outside touch in Flutter
Show value from input box by pressing the button
How can I convert a Timestamp into either Date or DateTime object?