> I have no problem with sealing the Framework jar. All Package
> sealing does
> is prevent new classes from being included in the same package as
> the sealed
> ones. You can still extend the classes as long as they are in
> different packages.
I don't know much 'bout security, so I'll mostly keep silent on this,
but I am _definately_ +1 for sealing framework. I think I'm also +1 for
sealing logkit, and possibly for excalibur/cornerstone/phoenix when
those get to release status.
In this case, the demos would need to be removed from cornerstone as
I think that namespace needs to stay availabe (yet another reason).
Sealing not only avoids some nasty issues I'm uncomfortable avoiding
'by hand', it also makes sense to me. Software not in the avalon
project should not use the avalon namespace per the package naming
guidelines, no?
- Leo, who has never sealed a jar before =)
PS: deadline tomorrow, so I'll likely be silent for some time as we
recover from total site failure.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
