There is a linux NTFS fix package, I forget the proper name, it tries to clean up the filesystem like windows would

If you only allow users as non sudoers, is what I assumed

Sure but will it bypass your established network routing if it can’t change it?

If you are setting up a secure system though you would only use a package manager that needed sudo

Hopefully smarter people than I chime in, but if the users aren’t part of sudoers then they shouldn’t be able to install anything. However app images exist, and I’m not sure if those TOR out without network control

Was just playing MechWarrior5 on OpenSUSELeap this morning with the RTX shaders turned on. Every thing works great.

As someone suggest Zorin, they have worked hard to be a transition system, but if you want true GUI and no command line tinkering try OpenSUSE–everything can be tweaked and configured via the various Yast2 GUI modules.