Once again, I found myself thinking... Distributing plugins is all fine and stuff... Buy what if I want to assure a certain measure of security, should I choose to install a remotely maintained plugin on my server?

Now, I'm pretty sure you know the concept of Java's SecurityManager.
Do you know how that relates to classloaders? I mean, is it possible to have certain code, loaded by a certain classloader, run with a specified SecurityManager?

Looking forward to ear anyone's thoughts...