I think I'm gonna go revisit my earliest idea which was to just patch Squirrel to have resource caps and kill the script if they're exceeded.
One important aspect of that is that tonight I discovered you can actually tell it to use custom implementations of malloc, realloc and free, so tomorrow I'm gonna see if I can use that to track and cap things.
Another thing that might help is just having scripting be a privilege like it is on MUCKs, honestly. Single biggest way to stop bad actors.
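The allocator idea above, sketched as an added example (not code from the post or from Squirrel): a malloc/realloc/free trio that charges every allocation against a per-script budget and refuses once the cap is hit. All names are hypothetical, and it assumes the interpreter hands the old block size to its realloc and free hooks, so no per-block header is needed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-script budget; all names here are illustrative. */
typedef struct {
    size_t used;     /* bytes currently charged to the script */
    size_t limit;    /* hard cap in bytes */
    int    exceeded; /* sticky flag: the host polls this and kills the script */
} mem_budget;
static mem_budget g_budget = { 0, 64 * 1024, 0 };

/* Charge n bytes; refuse if the cap or the counter itself would overflow. */
static int charge(size_t n) {
    if (n > SIZE_MAX - g_budget.used || g_budget.used + n > g_budget.limit) {
        g_budget.exceeded = 1;
        return 0;
    }
    g_budget.used += n;
    return 1;
}
static void release(size_t n) { g_budget.used -= (n > g_budget.used) ? g_budget.used : n; }

void *capped_malloc(size_t size) {
    if (!charge(size)) return NULL;
    void *p = malloc(size);
    if (!p) release(size);            /* host allocator failed: undo the charge */
    return p;
}
void capped_free(void *p, size_t size) {
    if (p) { free(p); release(size); }
}

/* Assumption: the caller passes the old block size along with the new one. */
void *capped_realloc(void *p, size_t oldsize, size_t size) {
    if (size == 0) { capped_free(p, oldsize); return NULL; }
    if (size > oldsize && !charge(size - oldsize)) return NULL; /* p stays valid */
    void *q = realloc(p, size);
    if (!q) { if (size > oldsize) release(size - oldsize); return NULL; }
    if (size < oldsize) release(oldsize - size);
    return q;
}

int main(void) {
    void *a = capped_malloc(48 * 1024), *b = capped_malloc(32 * 1024);
    printf("a=%s b=%s exceeded=%d\n", a ? "ok" : "NULL", b ? "ok" : "NULL", g_budget.exceeded);
    capped_free(a, 48 * 1024);
    return 0;
}
```

Whether the interpreter copes with a NULL return from its allocator is not something the post establishes, so the host should treat the `exceeded` flag as the signal to tear the script down rather than rely on the VM to recover.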