I might suggest creating a non-privileged account.
ex;
To check your defaults for useradd;
useradd --defaults
To create the user and its home directory using those defaults;
sudo useradd -m student
You may wish to create a password as well
sudo passwd student
Depending on your configuration this should be a relatively useless account.
On my system this new user is created as part of no groups except its own.
That means it has no sudo access, is not part of the wheel or network groups, etc.
Please let us know if this would accomplish your task.
For more information, including possibly some groups you may wish to add the user to
https://wiki.archlinux.org/title/Users_and_groups
Also security and stuff that will include things like restricting root
https://wiki.archlinux.org/title/Security
PS.
We dont know anything about your desktop and all … this may affect the amount and quality of responses. For a guide covering extra help on how to post such as formatting code see