"adrian(a)jboss.org" wrote : | public void setField(Field field) | { | this.field = field; | if (isPublic() == false && field != null) | field.setAccessible(true); | } | Actually its not a security hole, because you have done it properly. The setAccessible will fail depending upon the who the caller is. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4137045#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...