- Scanning the call stack to determine if an applet is on the stack is error-prone:
  - Checking to see if a class loader is on the stack
  - Basing decisions on class loader depth
- Still no common security API and/or environment for applet writers to let applets out of the sandbox
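
The following simulation is an added illustration, not code from the original slides or from the JDK. It models the two checks named above (class loader presence and class loader depth) over constructed call stacks, to show how each one misjudges who is really asking. The frame names `MyApplet.run`, `FileInputStream.openHelper` and `Toolkit.loadSystemFont` are hypothetical, and a `null` loader stands for a system class.

```java
import java.util.Arrays;
import java.util.List;

/** Simulation only: models stack scanning over constructed frames, not the real SecurityManager. */
public class StackScanDemo {
    /** One stack frame; loader == null means a system class. */
    static final class Frame {
        final String method;
        final String loader;
        Frame(String method, String loader) { this.method = method; this.loader = loader; }
    }

    /** Depth of the first frame (0 = top) defined by a non-system loader, or -1 if none. */
    static int classLoaderDepth(List<Frame> stack) {
        for (int i = 0; i < stack.size(); i++)
            if (stack.get(i).loader != null) return i;
        return -1;
    }

    /** Presence check: is any class-loader-defined (applet) class on the stack? */
    static boolean inClassLoader(List<Frame> stack) { return classLoaderDepth(stack) >= 0; }

    /** Depth check: deny only when the applet frame sits at exactly the expected depth. */
    static boolean deniedByDepth(List<Frame> stack, int expected) {
        return classLoaderDepth(stack) == expected;
    }

    public static void main(String[] args) {
        Frame check  = new Frame("SecurityManager.checkRead", null);
        Frame open   = new Frame("FileInputStream.<init>", null);
        Frame helper = new Frame("FileInputStream.openHelper", null); // hypothetical refactor
        Frame font   = new Frame("Toolkit.loadSystemFont", null);     // hypothetical trusted caller
        Frame applet = new Frame("MyApplet.run", "AppletClassLoader"); // constructed applet frame

        List<Frame> direct     = Arrays.asList(check, open, applet);
        List<Frame> refactored = Arrays.asList(check, open, helper, applet);
        List<Frame> trusted    = Arrays.asList(check, open, font, applet);

        // Same applet request, but one extra library frame moves the applet off the expected depth.
        System.out.println("direct denied:     " + deniedByDepth(direct, 2));
        System.out.println("refactored denied: " + deniedByDepth(refactored, 2));
        // The presence check cannot tell the library's own read from one made for the applet.
        System.out.println("trusted read flagged as applet: " + inClassLoader(trusted));
    }
}
```

The depth check silently stops denying once the library gains an internal frame, while the presence check flags trusted code doing its own work merely because an applet is lower on the stack.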