I have a javascript file that reads another file which may contain javascript fragments that need to be eval()-ed. The script fragments are supposed to conform to a strict subset of javascript that limits what they can do and which variables they can change, but I want to know if there is some way to enforce this by preventing the eval from seeing variables in the global scope. Something like the following:

function safeEval( fragment )

{

    var localVariable = g_Variable;



    {

        // do magic scoping here so that the eval fragment can see localVariable

        // but not g_Variable or anything else outside function scope



        eval( fragment );

    }

}

The actual code doesn't need to look like this--I'm open to any and all weird tricks with closures, etc. But I do want to know if this is even possible.