> Specification (I&RTS) v4.0 states that "Developers shall not use > compilers designed to convert code developed in other languages (e.g., > Ada, C++) to create Java byte-codes. This restriction is important > because such compilers may inadvertently bypass intended Java security > features." I would be glad to see this removed. On the other hand: I have read some Web pages (sorry, forgot URIs) that made it quite clear that "Java security" is not nearly what it's hyped to be. It's hacked in rather than designed in. In one case, the language syntax was even changed to plug a security hole. Anyway, one of these web pages mentioned a security hole that could not be exploited in Java, but could be exploited if you had a J-code assembler. It's certainly possible for any compiler--including a Java compiler that's not fully compliant with the spec--to exploit this hole. Another page complained that formal verification of security is difficult because the "Java language is not clearly defined enough." Plus, if you are using dozens of Java libraries you didn't write, how do you know they are secure? Finally, remember that both Sun and Microsoft label their Java products with the disclaimer that they are NOT to be used in any safety-critical applications! -- Wes Groleau http://freepages.genealogy.rootsweb.com/~wgroleau