As far as I understand the recommended way is
I wonder about sharing (relatively large) files between VMs when one of the VMs isn’t trusted (say a Windows VM or not trusted for any other reason).
The sharing should only be one way - meaning the untrusted VM doesn’t get write access. I am aware it’s possible to set the shared folder as read-only for this VM, but is there anything else or an alternative way this can be done?
A follow up question, is there a way to use shared folders without a folder on the host? having the second VM compromised is one thing, having the host compromised is another. Looks to me as if a shared folder makes an escape from VM easier.