Is there a safe version of `run`?

Malte Kliemann on 12 Nov 2021
Answered: Jan on 12 Nov 2021
When running a script using `run`, the script can use functions like `delete` or `system` that endanger the executing machine. This means that scripts cannot be executed trustless with `run`. Is there a safe version of `run` that in some way sanitizes the script, preventing filesystem IO?

Answers (1)

Jan on 12 Nov 2021
No, this is not possible. There is always a trick to use `str2func` to call `eval`, which executes a string, which is decrypted during runtime only.
The only way to run a user-defined function without the danger of losing the machine is to provide a virtual machine, which is recreated from scratch at each start. This is easy to build, e.g. with VirtualBox.
Nevertheless, even such a sandbox system is not 100.0% secure: If the Matlab function reloads some evil assembler libraries, it is possible to break out of a virtual machine and to attack the host computer. Or the software can use the computing power of the VM to attack other computers, e.g. in a distributed denial of service attack.
I'm still surprised that MathWorks offers to run VMs in Cody and here in the forum. The limited runtime for each process prevents us from sending a bit-wise copy of the VM including the installed and activated Matlab engine. But this could be done in chunks... MathWorks has changed the underlying Linux version and removed tools like ping and sendmail. It is not easy to gain root access on the VMs, so I estimate the security level as "reasonably high".
But the question is: Who wants to attack your machine? If you assume such an intention, wouldn't a hit with a hammer on the mainboard be much easier?
You are currently accessing the MathWorks homepage. With standard settings you allow the browser to execute scripts from MathWorks, adobetm, sonsensu.org, crazyegg.com, demdex.net, img03.en25.com, secure.quantserve.com, go-mpuls.net and Amazon's S3 services. All of them could inject some evil code. Virus scanners, the sandboxes of the browsers and the privilege system of your operating system would reduce the danger of such dangerous scripts. The same holds true if you run Matlab with user privileges. Then an evil user cannot do much harm directly.
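As an added illustration of the answer's first point (not part of Jan's answer and not MathWorks code), the Python sketch below triages MATLAB source text by identifier and shows why a denylist can reject a script but never clear one. The two name lists, the verdict labels and the sample scripts are assumptions constructed for this example.

```python
import re

# Assumed name lists for this example: real MATLAB functions, far from exhaustive.
DIRECT_RISK = {"delete", "system", "rmdir", "movefile", "dos", "unix"}
DYNAMIC_EXEC = {"eval", "evalc", "evalin", "feval", "str2func", "run"}

IDENT = re.compile(r"\b[A-Za-z]\w*")


def triage(script: str) -> dict:
    """Classify MATLAB source text by the identifiers it contains.

    Tokens inside comments and string literals are counted on purpose:
    str2func('eval') names its target in a string, so over-flagging is safer.
    """
    tokens = set(IDENT.findall(script))
    direct = sorted(tokens & DIRECT_RISK)
    dynamic = sorted(tokens & DYNAMIC_EXEC)
    if direct:
        verdict = "reject"          # names a filesystem/OS function outright
    elif dynamic:
        verdict = "opaque"          # what runs is decided by runtime data
    else:
        verdict = "no-listed-call"  # NOT "safe": the lists are incomplete
    return {"verdict": verdict, "direct": direct, "dynamic": dynamic}


# Constructed samples (not from the thread).
SAMPLE_DIRECT = "delete('results.mat');\n"
SAMPLE_PLAIN = "x = linspace(0, 1, 10);\ny = x.^2;\n"
# The numeric codes decode to the harmless text disp(1); the scanner only sees numbers.
SAMPLE_INDIRECT = (
    "codes = [100 105 115 112 40 49 41];\n"
    "f = str2func('eval');\n"
    "f(char(codes));\n"
)

if __name__ == "__main__":
    for name, src in [("direct", SAMPLE_DIRECT), ("plain", SAMPLE_PLAIN),
                      ("indirect", SAMPLE_INDIRECT)]:
        print(name, triage(src))
```

An "opaque" or "no-listed-call" result only means the text gave no verdict, so such a script still belongs in the throwaway VM or low-privilege account the answer recommends.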

Release

R2020a
