Tom Tromey wrote: > >>>>> "Roman" == Roman Kennke <roman@xxxxxxxxxx> writes: > > Roman> We are using the SystemProperties class throughout the > Classpath code to > Roman> access system properties and avoid the security checks in > Roman> java.lang.System. However, I come to think that this > is no good the way > Roman> it is. This class is public and nothing prevents use > of this class from > Roman> application code. > > As I recall things in gnu.classpath should not be available to > application code. The system class loader, or something, has to > enforce this. That's correct. The (default) system class loader calls SecurityManager.checkPackageAccess() in loadClass(String,boolean). > I'm having some trouble with the details but I know Jeroen knows the > details here... I don't remember the details of the rest of the story, but earlier in this thread Casey posted a (very small) patch that enables this infrastructure and protects the gnu.classpath. package. Regards, Jeroen