I cannot speak to the likelihood of that approach being abused but I certainly understand what you are saying. The problem if we do want to protect against such abuse by doing the privileged blocks in the ClassLoaderService#loadJavaServices callers is that Hibernate calls ClassLoaderService#loadJavaServices from quite a few places - not very DRY. Open to suggestions...