ideas-computer-jasper-securityCapabilities

read stdio, write stdout, write stderr

read/write other streams, files

read/write/execute any file under location (note: read privilage is sufficient to import a Jasper library, unless it uses extra-Jasper extensions) network communications, other sensors/effectors used via special locations

ulimit #spawned threads, amount of memory

see http://lua-users.org/wiki/SandBoxes section "Table of Variables"

note: it's important that "globals" aren't truly global, and can be hidden from function calls upon demand (also must hide even 'hidden' scoped globals)

should also be able to pass in read-only variable references in order to give the program a way to create other 'pipes' into the untrusted code (maybe)

CALLINGFUNCTION