Qlik Sense does not allow anyone (even the owner) to access to a published app's script. So, as long as, users can't access to QMC and make a copy of a published app, the script is secured. In other words you need to remove the grant to make a copy of apps for those who need to access the QMC.
You can't modify the RootAdmin rights. Eventually you can create a different RootAdmin profile with (e.g. myRootAdmin) and shape it as you need.
may you please help in creating a security rule that doesn't allow the duplication of an app (1 specific app) and allow duplication for the rest or allowing only one specific user to duplicate one specific app
Ali, in Qlik Sense you can not create a rule to deny something, but just to allow. This is more an organizational problem than Techincal. You need users do not access to the app scripts? Well in that case those users need not tombe RootAdmin. If they do not need to access to the QMC your problem is solved. If they need to access to QMC for some specific reason the solution could not be to assign them a predefined role (e.g. ContentAdmin) but create an ad-hoc role to shape exactly what they need to do (this rule of course will not allow them to copy an app).
