Thursday, June 20, 2019

Some Java permission checks need to be requested by the classloader

Today I was working with a custom SecurityManager implementation, trying to make it restrict one thread group's access to a package. It appeared that checkPermission was not called with a relevant permission during the loading or execution of restricted code, nor was checkPackageAccess called. However, after the custom classloader responsible for loading the untrusted code was adjusted to make a call to the system security manager regarding the class requested by loadClass, class access could be controlled.
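The adjustment described above, as an added example that is not the code from this post: a class loader that calls the system security manager's checkPackageAccess for the requested class before delegating, paired with a manager that denies one package to one thread group. The names GuardedLoader, GroupPackageManager and PackageAccessDemo, the "untrusted" group and the choice of java.util.zip as the restricted package are assumptions for illustration. It also assumes a JDK on which a SecurityManager can still be installed (the API is deprecated for removal since Java 17).

```java
import java.security.Permission;

public class PackageAccessDemo {
    /** Denies one package to threads in one group (or any of its subgroups). */
    static class GroupPackageManager extends SecurityManager {
        private final ThreadGroup restricted;
        private final String deniedPackage;
        GroupPackageManager(ThreadGroup g, String pkg) { restricted = g; deniedPackage = pkg; }
        @Override public void checkPackageAccess(String pkg) {
            ThreadGroup current = Thread.currentThread().getThreadGroup();
            if (pkg.equals(deniedPackage) && restricted.parentOf(current)) {
                throw new SecurityException(pkg + " denied to group " + current.getName());
            }
        }
        // Demo simplification: every other permission is granted.
        @Override public void checkPermission(Permission perm) { }
    }

    /** Asks the installed SecurityManager about the package before loading. */
    static class GuardedLoader extends ClassLoader {
        GuardedLoader(ClassLoader parent) { super(parent); }
        @Override protected Class<?> loadClass(String name, boolean resolve)
                throws ClassNotFoundException {
            SecurityManager sm = System.getSecurityManager();
            int dot = name.lastIndexOf('.');
            if (sm != null && dot != -1) {
                sm.checkPackageAccess(name.substring(0, dot)); // throws if denied
            }
            return super.loadClass(name, resolve);
        }
    }

    static String tryLoad(ClassLoader loader, String className) {
        try {
            return "loaded " + loader.loadClass(className).getName();
        } catch (SecurityException | ClassNotFoundException e) {
            return "blocked: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        ThreadGroup untrusted = new ThreadGroup("untrusted");
        ClassLoader loader = new GuardedLoader(PackageAccessDemo.class.getClassLoader());
        System.setSecurityManager(new GroupPackageManager(untrusted, "java.util.zip"));
        Thread t = new Thread(untrusted,
                () -> System.out.println("untrusted: " + tryLoad(loader, "java.util.zip.CRC32")));
        t.start();
        t.join();
        System.out.println("main: " + tryLoad(loader, "java.util.zip.CRC32"));
    }
}
```

The check only applies to loads that pass through GuardedLoader, so the untrusted code has to be defined by that loader for its class references to be resolved through it.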
