A safe Erlang for third party users

[Jeff]

Is there a way to create a safe subset of Erlang which you could give an 
unknown person access to which is run on your own system? My thinking is 
something along the lines of: you have a web site which has aspects 
which are best controlled by a language, eg complex security for who can 
see what, etc. So rather than provide a list of check boxes, slider, and 
what not; You provide a file upload form and the user can upload a file. 
This is then compiled, and filtered for allowed and side effect free 
calls, etc before being allowed to execute on the web server's erlang 
vm. The filtering, I would image, would either be on the source code, on 
some partial compile of the file and/or on the compiled beam and would 
only permit expressly allowed function calls and parameters.

Hope that makes sense. This is only a thought experiment and I don't 
have any plans to try such a thing, but thought it was an interesting idea.

Jeff.