@the_wolverine, You can restrict the users using roles and capabilities from Access controls. The one capability you can remove is "output_file" : Lets the user create file outputs, including outputcsv (except for dispatch=t mode) and outputlookup.
Above is the definition from Splunk docs.
You can also control the user access from local.meta file. Remove write access to those users for a specific file.