Hello I studied the default kernel in Merlin. As far as I can see, security is not build in the kernel.
1. Would it be an idea to build in security in default kernel? Are there any reasons not to build security in default kernel? 2. If the answer in question 1. is no, would it be an idea to develop a SecureKernel? 3. If you were going to build security in kernel (either DefaultKernel or a SecureKernel), would you build it upon Java's security API (AccessController/SecurityManager, Policy, ProtectionDomain, JAAS etc) or would you rather build your own security component? 4. If the answer to questions 1. and 2. is no (i.e. no security in kernel), would you rather develop security in each Container? Best Regards -- Nader Aeinehchi Aasenhagen 66 E 2020 Skedsmokorset NORWAY Direct and Mobile +47 41 44 29 57 Tel (private): +47 64 83 09 08 Fax +47 64 83 08 07 www.aeinehchi.com
