On 16.01.2014, at 06:49, Lars Krapf <[email protected]> wrote: > As long as reflection is still permitted I think you could get around most > (all?) of these restrictions. > I'm pretty sure this can only be solved properly on VM level > (SecurityManager).
As I said, reflection is one of the things you have to disable then - either by blacklisting the classes (java.lang.Class or Method etc.) or if that doesn’t work, using the security manager (but only using it for that and not for any new application level permissions to think about). Cheers, Alex
