[adamc]

Not really usually to call something "overly paranoid" without going into why you think their evaluation is wrong.

[tedunangst]

The page is trying to build a sandbox where a lua script can eval other untrusted lua code within the same lua execution environment. Many, even most?, people are only interested in isolating the host application from the lua environment.

[josephcsible]

Because there's ways to build safe sandboxes that allow untrusted code to use a bunch of things that it calls unsafe.