The CLR allows us to run scripts with high security (so that they don't have full access to the PC) and high performance at the same time. However, in a server context one may want to run a thousand scripts written by different people at the same time. Therefore, no single untrusted script should be allowed to use a large amount of memory. .NET should provide configurable memory allocation limits on a thread/fiber. CPU time quotas are needed too, although (unlike memory quotas) perhaps it's possible to enforce CPU time limits without support from the CLR itself.