> But that does not solve the general
> problem: A system administrator cannot just put your jar file in the CLASSPATH
> and trust you if it contains suspicious 'static' code.
>
I'm not sure I see why static code is any worse a risk to the system
than non-static code. If a class is in the classpath you can still
instantiate it with 'new' and you will end up with access to the
shareable resource. The security risk with singletons is to your own
application; you are letting any application on the system get a
reference to the actual shared resource. If this isn't a problem in
your particular situation, I don't think you need to shy away from using
a singleton to implement a shared resource in a pre 2.1 environment.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
