[eropple]

Or we could...not...evaluate random code potentially coming from hostile environments. That would also be cool and good.

And, yes, it's possible to have vulnerabilities in a JSON parser--but it is orders of magnitude easier to have them in an arbitrary language parser.

[linschn]

If you evaluate it in an environment where only the functions you choose are defined, the security risk is nil.

Validating a document is a complex, domain-dependant problem. It is far easier to create a secure Domain-Specific Language to handle this than to end up with an accidentally Turing complete abomination like XSLT: http://www.unidex.com/turing/utm.htm

[krapp]

>If you evaluate it in an environment where only the functions you choose are defined, the security risk is nil.

Oh. So all you have to do is write perfectly secure code and run it in a perfectly secure environment, and nothing bad can possibly happen.

Well shit, why didn't anyone else ever think of that?