Another suggestions for disabling JARs is to double-compress them, then uncompress them to re-enable. I would love to hear any feedback on this JAR-disabling proposal.
Also I'd like to +1 Mazz's earlier comment about not applying this mechanism to RPM. This is definitely a big step forward for the zip distribution, but RPM is an established patching solution, there's no need to re-invent the wheel for RPM.