diff --git a/Nasal/io.nas b/Nasal/io.nas
index 35e3fd1c6..14857b4bf 100644
--- a/Nasal/io.nas
+++ b/Nasal/io.nas
@@ -210,6 +210,7 @@ var writexml = func(path, node, indent = "\t", prefix = "___") {
 # Redefine io.open() such that files can only be opened under authorized directories.
 #
 _setlistener("/sim/signals/nasal-dir-initialized", func {
+    var self = caller(0)[1];
     var root = string.fixpath(getprop("/sim/fg-root"));
     var home = string.fixpath(getprop("/sim/fg-home"));
     var config = "Nasal/IOrules";
@@ -263,8 +264,9 @@ _setlistener("/sim/signals/nasal-dir-initialized", func {
         print("io.open()/WRITE: ", debug.string(write_rules));
     }
 
-    var fixpath = string.fixpath;
+    var fixpath = string.fixpath;  # safe copies
     var match = string.match;
+    var die = die;
 
     var valid = func(path, rules) {
         var fpath = fixpath(path);
@@ -286,6 +288,14 @@ _setlistener("/sim/signals/nasal-dir-initialized", func {
         die("io.open(): opening file '" ~ path ~ "' denied (unauthorized access)\n ");
     }
 
+    var _closure = globals.closure;
+    globals.closure = func(fn, level) {
+        if(fn != self and fn != caller(0)[1])
+            return _closure(fn, level);
+
+        die("closure(): query denied (unauthorized access)");
+    }
+
     # validation listeners for loadxml/savexml (see utils.cxx:fgValidatePath)
     var v = props.globals.getNode("/sim/paths/validate", 1);
     setlistener(v.getNode("read", 1), func(n) n.setValue(valid(n.getValue(), read_rules) or ""));