What do you mean by a file being displaced? Like do you want it to be unreadable, or unmodified, or just not deleted?
It’s not really possible to have a level of protection that would require more than sudo
because with root access you bypass anything else.
You could put the files on an encrypted volume that uses a special password when it is mounted. Or you could use the chattr
command to set special ext4 attributes that would make it unmodifiable (but could be removed with sudo). Or just record the file’s hash, and that way you know it hasn’t been modified later.
idk if being annoying is against the rules of your instance but it def should be