David Holmes wrote: > > How about just having this class use getClass().getClassLoader() to > > check for itself, and refusing to function if not the boot loader? > > Then we skip all the security stuff. > > You mean similar to the some of the security checks themselves, the code > being called checks the caller's classloader ?
I was actually thinking the class would check its own class loader. So untrusted class loaders could load/define the class, but it wouldn't work if they did. This check would be "simple" and perhaps more suitable for initialization code. -Archie __________________________________________________________________________ Archie Cobbs * CTO, Awarix * http://www.awarix.com _______________________________________________ Classpath mailing list [EMAIL PROTECTED] http://lists.gnu.org/mailman/listinfo/classpath
