The jnlp-loader project takes a step forward in opening the sandbox.
The sandbox.WebLoader enforces an executable code policy on java code.
The sandbox silently drops nativelib resources and jvm class files that violate its policy.
This policy permits a desktop program to be run without loading native code or performing unsafe operations against its class loader and jnlp services.
In this policy, all jnlp resources loading native code are dropped. And unpacked byte code classes performing reflection (java.lang.reflect), or binding (java.lang.Class.forName); acting on java.lang.Runtime or java.lang.File; or subclassing java.lang.ClassLoader are deleted after the loader unpacks (before application main).
The sandbox package can provide JNLP services * for performing downloads and file operations.
The sandbox.WebLoader main function can create a sandbox in which file and runtime access should only occur through the JNLP services provided by the sandbox package.