Seriously though, I have no problem with Javascript as a language that people might want to use to get things done on the desktop. The problem is that, in almost all current implementations of Javascript, it is setup to run any random code from the internet that the user clicks on... or even code he doesn't click on, in some cases.
In order for me to consider using a web-enabled Gnome desktop, I need to be confident that I have the power to enforce this strict separation of church and state. My PC is the church, and the internet is the state. :-)
I need to be able to flip a setting that makes it impossible to run any javascript that comes from outside my machine, whether it be through email, the web, or various files left over in /tmp or .webgnome or /home/cdfrey/Desktop, and only run javascript that I've installed and authorized, such as through apt-get or /usr/local.
This is where my confidence in Gnome's security design falls apart, because history seems to show that it is always more tempting to enable the new shiny web than it is to lock it down securely.