> For example: I don't understand why Python, JavaScript, Java, Ruby, and so on have not delivered tools that ease the path for those who wish to write applications designed to run code from untrusted sources.
Probably because it is stupidly difficult to do robustly, especially when the language and standard libraries weren't originally designed to do that.
Lua is perhaps best positioned for this given how tightly you can lock it down (you can remove the 'require' function that loads other modules). But even this is considered not robustly secure against untrusted code.
Difficult, yes. There was an attempt by Google at a capability-secure JavaScript called Caja <http://www.links.org/?p=271>. I think it failed mainly because taming the standard library and DOM was too hard - there were too many leaks of ambient authority.
Probably because it is stupidly difficult to do robustly, especially when the language and standard libraries weren't originally designed to do that.
Lua is perhaps best positioned for this given how tightly you can lock it down (you can remove the 'require' function that loads other modules). But even this is considered not robustly secure against untrusted code.
http://lua-users.org/wiki/SandBoxes