Currently we have 109 instantiations of the File class spread over 40 java classes.
Each one of these has as much access to the filesystem as the user.
My proposal is to create a new module in the core which manages access to the filesystem.
I would like the module to provide roles for read-only and read/write files or directories.
ReadOnlyFile and ReadWriteFile would extend java.io.File and override getParentFile(), which allows the owner of a single file to walk the directory tree.
Imagine the following situation:
A class called Alice needs to be able to read all files in ./skins/ and she needs to be able to write to ./work/alice.txt
If we use the component system she might say:
@Requirement("./skins/")
ReadOnlyFile skinsDirectory;
@Requirement("./work/alice.txt")
ReadWriteFile workFile;
Now suppose an attacker is able to completely compromise Alice and make her execute whatever bytecode he wants. Let's also suppose we have implemented a SecurityManager which prevents Alice from loading the File class or accessing Utils.getComponent.
The attacker will be able to read the files in ./skins/ and will be able to read and write to ./work/alice.txt but he won't be able to read other files or create new files because Alice has no references to the component manager and thus cannot access additional files.
We can leverage the component system to easily provide security using the principle of least permission.
WDYT?
Caleb
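A sketch of the two roles described in the post, as an added example rather than code from the post or from the project. It keeps the names ReadOnlyFile and ReadWriteFile from the post; the child(), openInputStream() and openOutputStream() methods, the root-pinning check, and the enclosing FileRoles class are assumptions made here for illustration. It does not implement the SecurityManager the post relies on; it only shows the java.io.File surface the roles would need to close off so that a holder of one handle cannot reach the rest of the tree.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;

/**
 * Example sketch of the proposed file roles (not project code).
 * A ReadOnlyFile is a java.io.File pinned to one subtree: the methods that would
 * expose an ancestor are overridden, and child lookups are canonicalised and
 * checked against the root so "../" segments and symlinks cannot escape it.
 */
public class FileRoles {

    public static class ReadOnlyFile extends File {
        /** Canonical root of the subtree this handle may see (hypothetical field). */
        protected final File root;

        public ReadOnlyFile(String path) throws IOException {
            this(new File(path).getCanonicalFile(), null);
        }

        /** self == null means "the root itself". */
        protected ReadOnlyFile(File root, File self) {
            super(self == null ? root.getPath() : self.getPath());
            this.root = root;
        }

        /** Resolve a child name inside the subtree; refuses anything that escapes it. */
        public ReadOnlyFile child(String name) throws IOException {
            // Canonicalising resolves ".." and symlinks before the containment check.
            File candidate = new File(this, name).getCanonicalFile();
            if (!candidate.toPath().startsWith(root.toPath())) {
                throw new SecurityException("'" + name + "' escapes " + root);
            }
            return newInstance(candidate);
        }

        /** Subclasses return their own type so a ReadWriteFile's children stay writable. */
        protected ReadOnlyFile newInstance(File self) {
            return new ReadOnlyFile(root, self);
        }

        public InputStream openInputStream() throws IOException {
            return new FileInputStream(this);
        }

        /* Tree-walking surface: no way back up, and no plain java.io.File handed out. */
        @Override public File getParentFile() { return null; }
        @Override public String getParent() { return null; }
        @Override public File getAbsoluteFile() { return this; }
        @Override public File getCanonicalFile() { return this; }
        @Override public Path toPath() {
            throw new UnsupportedOperationException("use child() or listFiles()");
        }
        @Override public File[] listFiles() {
            String[] names = list();
            if (names == null) return null;
            List<File> out = new ArrayList<>();
            for (String n : names) {
                try {
                    out.add(child(n));
                } catch (IOException | SecurityException e) {
                    // A symlink pointing out of the subtree is simply not listed.
                }
            }
            return out.toArray(new File[0]);
        }
    }

    public static class ReadWriteFile extends ReadOnlyFile {
        public ReadWriteFile(String path) throws IOException { super(path); }
        protected ReadWriteFile(File root, File self) { super(root, self); }

        @Override protected ReadOnlyFile newInstance(File self) {
            return new ReadWriteFile(root, self);
        }

        public OutputStream openOutputStream() throws IOException {
            return new FileOutputStream(this);
        }
    }

    /** Alice's scenario from the post: read anything under ./skins/, write only ./work/alice.txt. */
    public static void main(String[] args) throws IOException {
        ReadOnlyFile skins = new ReadOnlyFile("./skins/");
        ReadWriteFile work = new ReadWriteFile("./work/alice.txt");

        System.out.println("parent of skins: " + skins.getParentFile());
        try {
            skins.child("../work/alice.txt");
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        }

        File[] entries = skins.listFiles();
        if (entries != null) {
            for (File f : entries) System.out.println("skin: " + f.getName());
        }

        try (OutputStream out = work.openOutputStream()) {
            out.write("written through the ReadWriteFile role\n".getBytes());
        }
    }
}
```

Overriding getParentFile() on its own would leave getParent(), getAbsoluteFile(), getCanonicalFile() and toPath() as routes to an ancestor, so this sketch closes those as well and returns its own type from listFiles(). Because a ReadOnlyFile is still a java.io.File, nothing in the class itself stops compromised code from calling new FileOutputStream(file) on it; in the post's threat model that is the SecurityManager's job, and this example does not implement it.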