I don’t think trying to freeze function is ever going to be successful. Here a minimal example that bypasses the frozeness with the current reference implementation:
def counter():
__import__ # Needed because `import` doesn't work otherwise
import sys
sys.counter += 1
return sys.counter
If you now say “lets just disable import”, that first of all is really annoying for some usecases and will disallow some libraries be frozen unnessarily.
But also, that doesn’t fix the issue: __import__('sys') will still bypass it. And if you blacklist the __import__ identifier, you just start a race comparable to trying to sandbox python internally.
And if I understand the goals of this project correctly, this can’t just be ignored. The goal is to allow concurrency without issues, and this kind of issue prevents this I think.