I think there was brief mention of something like this a while ago. A complement to the current PythonScript (I think that's what it's called now), where you are able to script objects in Python, but differs in that there are no restrictions on what can be imported and what can be executed. It can be made secure by only allowing very few people to be able to manipulate one, like only those in the Manager role (who can do just about anything anyway). I think this can be a real bonus to those web applications that are more than just a "picture gallery" or a "message board", like those that are logic intensive and maintain client state (like a game). The scripts can effectively become the "business logic layer", and eliminate the need to do file-system level scripting. I believe this was one of the goals of Zope -- to do everything through a web browser. What are the pros and cons of this?