More restricted execution silly ideas

[erlang@REDACTED]

I had another thought on implementing a restricted execution environment for
untrusted erlang code:

How about, instead of trying to lock down an erlang virtual machine, instead
putting the erlang code presented through a cleanser which pulls out any
functions which are regarded as unsafe?

Code which doesn't refer to anything unwanted passes through and is executed
without a murmur.  The rest is hacked up, probably won't even compile, and
is left to bleed, or returned without running?

Or simply specify a limited set of functionality, and inspect incoming code
for violations?

I suspect this might be easier than hacking up OTP and erlang.