I probably should have given the full background in the description itself. Basically I'm working on getting WildFly integration tests working with the security manager enabled. There are a lot of cases where we really need the ServiceLoader.load() to be wrapped in a privileged block. When looking at the Hibernate issues I just happened to notice that the ServiceLoader was cached and could potentially use the wrong AccessControlContext. I didn't, however, notice that the cache is per class loader, which makes me less concerned about this issue. My initial thought was A.war would load Hibernate and cache A.war's ACC. Then B.war would attempt to load Hibernate, but when using the service see A.war's ACC. If it's a ServiceLoader per class loader I don't think this is an issue. Not fully related to this, we will need to look at where a privileged block should be added to load services. As stated in WFLY-6184 the correct place might be org.hibernate.boot.registry.BootstrapServiceRegistryBuilder.build(BootstrapServiceRegistryBuilder.java:224). I don't know the code well enough yet to know if that is correct or not.
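Editor's added example, not part of the comment above and not Hibernate or WildFly code: a sketch of a service lookup that is cached per class loader and wrapped in a privileged block. The class `PerLoaderServices` and its methods are hypothetical names, and `CharsetProvider` is only a stand-in service type so the sample runs on a plain JDK.

```java
import java.nio.charset.spi.CharsetProvider;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper for illustration; not Hibernate or WildFly code.
public final class PerLoaderServices {
    // Keyed by class loader first, so one deployment never receives providers
    // (or a captured AccessControlContext) that belong to another deployment.
    private static final Map<ClassLoader, Map<Class<?>, List<?>>> CACHE =
            new ConcurrentHashMap<>();

    private PerLoaderServices() {}

    @SuppressWarnings("unchecked")
    public static <S> List<S> load(Class<S> contract, ClassLoader loader) {
        Map<Class<?>, List<?>> perLoader =
                CACHE.computeIfAbsent(loader, l -> new ConcurrentHashMap<>());
        return (List<S>) perLoader.computeIfAbsent(contract, c -> lookup(contract, loader));
    }

    private static <S> List<S> lookup(Class<S> contract, ClassLoader loader) {
        // ServiceLoader records AccessController.getContext() when it is created
        // and instantiates providers lazily during iteration, so both the load()
        // call and the iteration run inside the privileged block.
        return AccessController.doPrivileged((PrivilegedAction<List<S>>) () -> {
            List<S> found = new ArrayList<>();
            for (S provider : ServiceLoader.load(contract, loader)) {
                found.add(provider);
            }
            return Collections.unmodifiableList(found);
        });
    }

    // Call on undeploy so the cache does not pin the deployment's class loader.
    public static void release(ClassLoader loader) {
        CACHE.remove(loader);
    }

    public static void main(String[] args) {
        ClassLoader cl = PerLoaderServices.class.getClassLoader();
        List<CharsetProvider> first = load(CharsetProvider.class, cl);
        System.out.println(first.size() + " provider(s), served from cache: "
                + (first == load(CharsetProvider.class, cl)));
        release(cl);
    }
}
```

A privileged block runs with the permissions of the code that contains it, so a helper like this belongs in the trusted library or container module, not in deployment code.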