Hm... I think the whole idea of a "safe virtual machine" won't work.
As Nathaniel points out, the operations that need to be verified or
confirmed (etc.) are usually at a much higher level of abstraction.
When thinking (as a result of this discussion) about making Python
safe, maybe 95% of the unsafe operations are library functions -- 4%
are high-level operations that negotiate access to the library
(e.g. importing modules); only a tiny fraction of unsafe operations
are close to the level of the Python virtual machine (such as object
attributes that provide read-write access to internals of the
interpreter).
--Guido van Rossum, CWI, Amsterdam <mailto:Guido.van.Rossum@cwi.nl>
<http://www.cwi.nl/cwi/people/Guido.van.Rossum.html>