When a Windows partition is mounted in a Virtualbox VM as a raw disk, users should be prevented from concurrently being able to mount the partition as read-write. Mounting as read-only probably is acceptable, although hiding the partition seems best. When the VM is not running then read-write mounts are fine. Or at least, that is how I interpret the VirtualBox user guide.
Any ideas how to ensure this?
Hiding the partition during VM usage would be acceptable I think.
This is for somebody I am helping. "Just create a new virtual disk" is not the preferred answer. Reinstalling would be a chore. Copying the partition to a virtual disk is a waste of space and the VM then needs to be re-activated because of different hardware, as well as possible licensing BS. Network file sharing won't suffice as the user needs real-time access to specific apps and not just files. Buying a new computer is not an option. Been through all of the above, hence the forum question.
The only other option is, ugh, dual boot, and at that point the user might as well stay in Windows.
This is a point-and-click user. I don't think I need to worry about the user digging deep to circumvent the protections. I just need flexible protection for either use case.