- script-security 1.5 introduced "Additional classpath".
- Those classpaths require administrators' approval.
- Class directories are valid for "Additional classpath".
- Once class directories are appoved, adding or replacing files in sub directories of those class directories no longer require approval.
- This should allow users to use classes that administrators doesn't want to allow.
- Don't allow class directories for "Additional classpath"
- This doesn't cause critical regressions as it is easy to create jar file from class directories.
- When a class directory is specified, check all files in the class directory.
- Leave this as a limitation.
I'll add a test and send a pull request to see this behavior.