not sure whether it is the right place to ask but let's give it a try. I'm looking for a way to prevent users with admin rights on MAC OS to be able to uninstall a certain application as it is easy as this:
#sudo /usr/local/McAfee/uninstall DLP
Are there any built-in mechanisms ?
I appreciate any hints !
If you are giving a user the ability to use sudo to become root, you're fighting a lost battle. If they really want to, and they are root, they can do anything.
You could always set up a 'pseudo-root' user that is not in /etc/sudoers, or create a special group that can write access more places than standard users but not /Applications, /bin, /usr/local/bin, etc.. - and then give them the ability to become THAT user with sudo by setting up /etc/sudoers to allow it. I'd need to know more about your situation to give further recommendations as to where they could write to.
TL;DR not while letting them run anything as root.
