- Type: Bug
- Resolution: Fixed
- Priority: P4
- Affects Version/s: 1.2.0
- Component/s: security-libs
- None
- 1.2fcs
- generic
- generic
- Not verified
When a protection domain has UnresolvedPermissions, those permissions are unilaterally resolved to the class of the first Permission object passed to implies that has the same class name. If permission classes are downloaded, this can cause unintentional denial of service (or, if C2 is evil, perhaps this is intentional denial of service).
Suppose a class C1 has been loaded into classloader CL1 from codebase CB1, and class C2 has been loaded into classloader CL2 from codebase CB2, and these are sibling classloaders. Suppose each of these classes makes reference to a FooPermission class, which is not accessible in the parent classloader. Suppose some class C3, loaded from that parent classloader, has been granted AllPermission. Suppose both CB1 and CB2 have been granted FooPermission, which is initially an UnresolvedPermission in each protection domain. Suppose C3 calls a method on an instance of C1, passing as a parameter an instance of C2, and suppose the C1 method calls some method on the instance of C2. Now suppose that C2 method does a checkPermission with an instance of FooPermission. That FooPermission will have been loaded into CL2. When the implies check is done on C1's protection domain, the UnresolvedPermission will get permanently resolved to the FooPermission class from CL2. If class C1 later attempts to do its own checkPermission with an instance of its own FooPermission from CL1, the check will fail.
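A regression check for the scenario above, added here as an example; it is not code from the original report or from the JDK. It uses a hypothetical SiblingLoader to give CL1 and CL2 each their own copy of a stand-in FooPermission, then queries one Permissions collection that holds the unresolved grant. Assumptions: Java 9 or later, compiled with javac, the class bytes are read from the parent's classpath (unlike the report, where the parent cannot see the class), and Permissions.implies is called directly instead of going through checkPermission.

```java
import java.io.InputStream;
import java.security.BasicPermission;
import java.security.Permission;
import java.security.Permissions;
import java.security.UnresolvedPermission;

public class UnresolvedPermissionCheck {
    // Stand-in for the report's downloaded FooPermission class.
    public static class FooPermission extends BasicPermission {
        public FooPermission(String name) { super(name); }
    }
    static final String FOO = FooPermission.class.getName();

    // Models a sibling loader (CL1, CL2): defines its own copy of FooPermission.
    static class SiblingLoader extends ClassLoader {
        SiblingLoader() { super(UnresolvedPermissionCheck.class.getClassLoader()); }
        @Override
        protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
            if (!name.equals(FOO)) return super.loadClass(name, resolve);
            Class<?> c = findLoadedClass(name);
            if (c != null) return c;
            try (InputStream in = getParent().getResourceAsStream(name.replace('.', '/') + ".class")) {
                if (in == null) throw new ClassNotFoundException(name);
                byte[] b = in.readAllBytes();
                return defineClass(name, b, 0, b.length);
            } catch (java.io.IOException e) {
                throw new ClassNotFoundException(name, e);
            }
        }
    }

    static Permission foo(ClassLoader cl) throws Exception {
        return (Permission) cl.loadClass(FOO).getConstructor(String.class).newInstance("x");
    }

    public static void main(String[] args) throws Exception {
        Permission fromCL1 = foo(new SiblingLoader());
        Permission fromCL2 = foo(new SiblingLoader());
        // C1's protection domain: FooPermission granted, still unresolved.
        Permissions c1Domain = new Permissions();
        c1Domain.add(new UnresolvedPermission(FOO, "x", null, null));
        boolean c2Check = c1Domain.implies(fromCL2); // C2's check reaches C1's domain first
        boolean c1Check = c1Domain.implies(fromCL1); // C1's own later check
        System.out.println("distinct classes, same name: " + (fromCL1.getClass() != fromCL2.getClass()));
        System.out.println("implies(FooPermission from CL2): " + c2Check);
        System.out.println("implies(FooPermission from CL1): " + c1Check);
        if (!c1Check) System.out.println("grant was pinned to CL2's class");
    }
}
```

On a runtime that carries the fix, all three lines print true; false on the CL1 line is the behaviour this report describes.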