I'm allowing user supplied ruby code to run in server(java scripting), and since jruby doesn't support safe-levels as in ruby I'm thinking about using java's security manager.
Is this a good decision? Has anyone else implemented this? Are there any good articles/books/resources that introduce me to security manager?