decide not to overwrite tostring

tostring({}) and string.format("%s", {}) give you pointers.
(see lj_strfmt_obj)
this is not very critical, but attacks could be made harder if we change this.
the effort of overwriting is not worth it I think right now

src/script/cpp_api/s_security.cpp

@@ -486,8 +486,6 @@ void ScriptApiSecurity::initializeSecuritySSCSM()
 
 	// Set the environment to the one we created earlier
 	setLuaEnv(L, thread);
-
-	// TODO: tostring({})
 }
 
 #endif