Type: Bug
Resolution: Fixed
Priority: P4
1.0
None
beta
generic
generic
The serialized form of PrivateCredentialPermission includes a Set field. The elements of this set on the wire in the current implementation are instances of a CredOwner inner class (which looks like it could be a static class but isn't). There is no guarantee that the eventual receiver of the serialized form is using the same implementation of JAAS, hence no guarantee that such an inner class exists in the receiver.
There is also no readObject check to ensure that the received set actually (and only) contains instances of CredOwner, nor are there any checks to make sure that the credentialClass and principals fields are consistent with what would be obtained by parsing the target name, nor any check that the target name is in fact parsable.
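The three missing checks described above, as an added example that is not the JDK's PrivateCredentialPermission and not part of the original report: a hypothetical permission class (CredentialTargetPermission, with a static nested Owner element class standing in for CredOwner) whose target name follows the JAAS shape `CredentialClass {PrincipalClass "PrincipalName"} ...` and whose stream form, like the one in the report, carries credentialClass and a Set of principals next to the name. Its readObject re-parses the name, refuses any element of the set that is not an Owner, and rejects the object if the received fields disagree with what the name yields. All class, package and principal names are invented for the demo.

```java
import java.io.*;
import java.util.*;
import java.util.regex.*;

// Hypothetical permission (not the JDK class) whose target name has the JAAS shape
//   CredentialClass {PrincipalClass "PrincipalName"} {PrincipalClass "PrincipalName"} ...
// and whose stream form, like the one in the report, carries the derived fields next to
// the name. readObject re-derives them from the name and rejects any disagreement.
public final class CredentialTargetPermission implements Serializable {
    private static final long serialVersionUID = 1L;

    private final String name;        // authoritative; everything else is derived from it
    private String credentialClass;   // on the wire: must agree with the parsed name
    private Set<?> principals;        // on the wire: must hold only Owner instances

    // Static nested class, so instances carry no hidden reference to an enclosing object.
    static final class Owner implements Serializable {
        private static final long serialVersionUID = 1L;
        final String principalClass, principalName;
        Owner(String principalClass, String principalName) {
            this.principalClass = principalClass; this.principalName = principalName;
        }
        @Override public boolean equals(Object o) {
            return o instanceof Owner && ((Owner) o).principalClass.equals(principalClass)
                                      && ((Owner) o).principalName.equals(principalName);
        }
        @Override public int hashCode() { return 31 * principalClass.hashCode() + principalName.hashCode(); }
    }

    private static final Pattern HEAD = Pattern.compile("^\\s*([^\\s{}\"]+)\\s*");
    private static final Pattern PRINCIPAL =
        Pattern.compile("\\s*\\{\\s*([^\\s{}\"]+)\\s+\"([^\"]*)\"\\s*\\}\\s*");

    // Strict parse: a credential class, then one or more {Class "Name"} groups, nothing else.
    public CredentialTargetPermission(String name) {
        if (name == null) throw new IllegalArgumentException("null target name");
        Matcher head = HEAD.matcher(name);
        if (!head.lookingAt()) throw new IllegalArgumentException("missing credential class");
        Set<Owner> owners = new HashSet<>();
        Matcher m = PRINCIPAL.matcher(name);
        for (int pos = head.end(); pos < name.length(); pos = m.end()) {
            m.region(pos, name.length());
            if (!m.lookingAt()) throw new IllegalArgumentException("malformed principal at offset " + pos);
            owners.add(new Owner(m.group(1), m.group(2)));
        }
        if (owners.isEmpty()) throw new IllegalArgumentException("no principals");
        this.name = name;
        this.credentialClass = head.group(1);
        this.principals = Collections.unmodifiableSet(owners);
    }

    // Demo only: builds the inconsistent object a tampered or foreign stream would deliver.
    CredentialTargetPermission(String name, String credentialClass, Set<?> principals) {
        this.name = name; this.credentialClass = credentialClass; this.principals = principals;
    }

    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
        in.defaultReadObject();
        CredentialTargetPermission expected;                      // check 1: the name must parse
        try { expected = new CredentialTargetPermission(name); }
        catch (IllegalArgumentException e) { throw new InvalidObjectException("bad target name: " + e.getMessage()); }
        if (principals == null) throw new InvalidObjectException("missing principals");
        Set<Owner> checked = new HashSet<>();
        for (Object o : principals) {                             // check 2: only Owner elements
            if (!(o instanceof Owner)) throw new InvalidObjectException("foreign element in principals");
            checked.add((Owner) o);
        }
        if (!expected.credentialClass.equals(credentialClass) || !expected.principals.equals(checked))
            throw new InvalidObjectException("fields disagree with target name");  // check 3
        this.principals = Collections.unmodifiableSet(checked);   // drop the received Set implementation
    }

    static CredentialTargetPermission roundTrip(CredentialTargetPermission p) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) { out.writeObject(p); }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bos.toByteArray()))) {
            return (CredentialTargetPermission) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        String target = "com.example.Cred {com.example.UserPrincipal \"alice\"}";   // constructed sample
        Set<?> owners = new CredentialTargetPermission(target).principals;
        roundTrip(new CredentialTargetPermission(target));
        System.out.println("consistent stream: accepted");
        Set<Object> mixed = new HashSet<>(owners);
        mixed.add("not an Owner");
        CredentialTargetPermission[] tampered = {
            new CredentialTargetPermission(target, "com.example.OtherCred", owners),        // check 3 fails
            new CredentialTargetPermission(target, "com.example.Cred", mixed),              // check 2 fails
            new CredentialTargetPermission("com.example.Cred", "com.example.Cred", owners) }; // check 1 fails
        for (CredentialTargetPermission bad : tampered) {
            try { roundTrip(bad); System.out.println("BUG: tampered stream accepted"); }
            catch (InvalidObjectException e) { System.out.println("rejected: " + e.getMessage()); }
        }
    }
}
```

Compile and run with `javac CredentialTargetPermission.java && java CredentialTargetPermission`. The consistent object round-trips; each of the three tampered objects is rejected with InvalidObjectException by the corresponding check. The alternative design is to mark the derived fields transient and rebuild them from the name in readObject, which removes the consistency problem and the dependency on the element class existing at the receiver altogether. Neither variant stops the receiver from instantiating whatever Set implementation the stream names before readObject runs; that is what ObjectInputFilter (JDK 9 and later) is for, as a complementary control.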