> > 2/ there is a security issue involved in allowing applications > to access any installed library, even those not explicitly > required by the application. > > Could you please expand on this?
It seems to me that an application could check for the presence of packages which you would not ordinarily want it to access. Activation and reflection allow programmes to programatically create objects/refrences at runtime, JDBC drivers and logging are two areas where runtime binding plays a key role, two ways to limit access to potentially dangerous code include not putting classes in the classpath and using the security manager. If somekind of system wide package discovery is available it removes the first of these safety nets, putting the whole burden on correct administration of the security manager. d. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]