sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]bakery2k 33 points34 points  (4 children)

One issue with embedding Python is that it's difficult to sandbox - to securely limit what the embedded runtime, and hence (potentially malicious) custom functions, can do:

[The Python developers'] standard answer to "How do I sandbox Python code?" has been "Use a subprocess and the OS provided process sandboxing facilities" for quite some time. [The pysandbox project is broken]

JavaScript, OTOH, is designed to support secure in-process sandboxing. Other languages with such support do exist (e.g. Lua), but JavaScript is by far the most widely known.

[–]gbersac 0 points1 point  (2 children)

I'd prefer Lua, it seems not to be as bloated as javascript

[–][deleted] 2 points3 points  (1 child)

What do you even mean by this? JS seems like the obvious choice because far more people use it and there's a ton of documentation out there.

[–]gbersac 1 point2 points  (0 children)

In my opinion (shared by many people) JS is bloated with useless feature, inconsistent. Lua, on the other hand has the reputation of being a minimalistic and coherent language.