Currently it appears everything eventually simply calls java.io.File and friends. This makes it difficult to provide an elegant only show what they should be able to see file system. Under the current system, one must use a security manager that is also aware of each individual user and thus does the right thing. I would rather have the ability to provide a file system abstraction that only includes the directories and files that my server wishes to present. This way i dont need to show stuff they shouldnt know about. It also means it becomes much easier to provide custom classpaths and different views to each individual user of the system.