Question about security risk #225
Unanswered
LoganFievez asked this question in Q&A
Replies: 0 comments
Hi,
I'm analysing a way to give users of the app I'm currently working on the possibility to execute some simple scripts.
By testing a bunch of different use cases, I've noticed something: I can load any Java package with LuaJava, which means (I assume, I didn't test it yet) I can do anything I want, like maybe get a connection to the database or access the file system.
Is there a way to limit the imports the users can do? For example, I only accept type-based classes such as Integer, BigDecimal, etc.
Thank you.