I have gotten the impression that some people don't think it's a good
idea to run user scripts without a sandbox. I am wondering if I have
taken this out of context.
Surely it is a bad idea to run untrusted code from a website visitor or
something but if a user can already delete their home directory then is
it safe to say that it is alright to run their lua files without a sandbox?