Mike Pall has emphasized on various occasions that he believes that sandboxing Lua (while discussing LuaJIT issues, but refering to Lua in general) is reasonably possible only by considering the whole (OS) process as the sandbox: "The only reasonably safe way to handle untrusted Lua scripts is to isolate them in a process context and to make use of per-process quotas/limits provided by the operating system." (http://lua-users.org/lists/lua-l/2011-02/msg01106.html) - there were other occasions. However, I am not aware of a bytecode related discussion in this regard. And yes, it uses different bytecode - and a different intermediate representation.