> I foresee the question: "Isn't it dangerous to allow untrusted code to load
> arbitrary bytecode?"
That's why from Lua 5.2 onwards, load() has a parameter to restrict
loading of bytecode. And a sandbox would not include load() (or a
restricted version of it).
This way untrusted code must satisfy additional restrictions to be able to run inside your sandbox.
I doubt this is practical.
Usually the author of the untrusted code knows nothing about your sandbox and the restrictions it must comply with :-)
Ideal sandbox must run almost everything; including the possibility that the untrusted code might create its own (nested) sandbox while running inside your sandbox.
All standard Lua library functions must be emulated, but not removed.