Hello all, I have a project where I need to take 3rd party XQuery expressions and evaluate them in the context of a single xml document. The expressions are untrusted and I want to limit them to read-only and only allow them to access a single xml document being passed in as an external variable. I read in the XQuery Module docs (http://docs.basex.org/wiki/XQuery_Module) that with the evaluate() command the evaluated query is prevented from opening new database. I believe I could run the evaluate() call from a session connected as a read only user to prevent any update commands. Also, since I only want the evaluated expressions to be able to access a document declared as external I could, I believe, evaluate() from a session connected to an empty database as well. However, would the evaluated expressions still be able to execute functions from other BaseX modules like, for example, proc:system()? I know that in general using eval on untrusted code is a huge risk. Is there anyway to create a secure 'sandbox' for evaluating untrusted XQuery expressions? Any advice would be greatly appreciated. Thanks, -Jesse