I proposed a while ago to implement a custom java policy for the SecurityManager which uses XML for configuring permissions for the Java SecurityManager. There were a number of features which made configuring a strict security policy easier. You can look back through the archives for the initial proposal and discussion.
It's an open discussion :)
However, I'd say this is an uphill battle. I think Costin argued the same earlier, and the "standard" policy file remained consistent, and now added JMX security rather (which is an important feature since we're now JMX based). So well, I don't know ...
Remy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
