RobertJasiek wrote:...
As nice abstraction layers, sandbox and certificates for Java may be in theory, as long as their programming allows the contrary, there is no security in practice.
There may be cases where the security of these abstraction layers is violated, but that does not make it worse than having no such security at all. If you want to take additional security steps such as making your own sandbox, etc., this can also be done on top of the existing security present in Java.
Flaw in security is not equivalent to no security. If we allow that to be true, then no system has security, whatsoever.