I have a feature request...sandboxing
implementation:
two new c functions
"lua_sandbox(lua_state *L, bool sandboxed)" and
"lua_allow_fileio(lua_state *L, bool allow_fileio)"
when lua_sandbox(*L, true) is called, os.execute and other unsafe functions return nil and do nothing (file io is disabled by default)
in addition lua scripts are limited to 10,000 function calls/executions/commands, after that luaL_dostring & LuaL_dofile return.
when lua_sandbox(*L, false) is called, os.execute and other unsafe functions behave as they do normally in 5.4.4 (default state)
when lua_allow_fileio(*L, true) is called, afther lua_sandbox(*L, true) files can be opened, read, and written but are limited to the directory that the .lua file it' subfolders
also limited to writing 100 files and/or 60 MB
a new command line argument for "lua"/"lua.exe"
"-s" and/or "--sandboxed" runs scripts in sandboxed mode (calls "lua_sandbox(*L, true)" before execution)
"-f" and/or "--fileio" runs scripts in sandboxed mode with file io enabled (calls "lua_sandbox(*L, true)" then "lua_allow_fileio(*L, true)" before execution)
a new command line argument for "luac"/"luac.exe"
"--sandboxed" runs scripts in sandboxed mode (calls "lua_sandbox(*L, true)" before execution)
"-f" and/or "--fileio" runs scripts in sandboxed mode with file io enabled (calls "lua_sandbox(*L, true)" then "lua_allow_fileio(*L, true)" before execution) 
