True Fox. Unlike textures or CR2 files a script can do a lot more damage. We may have to divide the upload area into a post area and safe area. That way people can post into the upload area but a script only makes it into the safe area after being checked over. How that process is determined is still up in the air. I'm going to contact Curious Labs and find out what they have crippled in their parser or what safe guards they have put in place. For example, I can't imagine they would support the socket fucntions from python. That and the file IO stuff are the two most dangerous.