Fair points but as someone who works in cybersecurity. Phishing emails can happen without admin access. I haven’t heard of any randsomware that is triggered by just clicking on a link.
I think there should be some restrictions but highly technical people should slowly be given more and more control as they gain more trust/experience.
If it’s well structured then day ta. If it’s more raw then dah ta.
Idk why, why the second way sounds more raw.