why don't you run it as vbox user, and keep this user private?

access to the virtual machine have no relation with the user running the box

jdd

I can think of two ways. In both, the VBox processes would run
as some other user, protected against interference by the end
user.

1. Have the VM started by the host.
Connect to the VM using RDP or VNC.

2. Use sudo to give the end user access
to just the commands and subcommands
he needs to stop/start his VM.

Disclaimer: I didn't try any of these myself.

That’s true but not only for a unix user. You can do everything you wrote on Windows also.

On a *nix OS you can play with ACL rules and/or with a specific user to virtualbox users and a sudo configuration. But, if the user know that, he can also modify the VDI file with a 
 sudo command on host OS. You can also use a specific command which play virtualbox with specific rights
.
--
Pierre Malard

« Il faut créer en même temps les élites et les débouchés, le syndica-
lisme et les usines. Faire l'un sans l'autre, c'est travailler pour le
malheur du peuple. »
Romain Gary - "Les racines du ciel"
|\ _,,,---,,_
/,`.-'`' -. ;-;;,_
|,4- ) )-,_. ,\ ( `'-'
'---''(_/--' `-'\_) πr

perl -e '$_=q#: 3|\ 5_,3-3,2_: 3/,`.'"'"'`'"'"' 5-. ;-;;,_: |,A- ) )-,_. ,\ ( `'"'"'-'"'"': '"'"'-3'"'"'2(_/--'"'"' `-'"'"'\_): 24πr::#;y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
- --> Ce message n’engage que son auteur <--