...
Do not accept Class, ClassLoader or Thread instances from untrusted code. If inevitable, safely acquire these instances by ensuring they come from trusted sources. Additionally, make sure to discard tainted inputs from untrusted code. Likewise, objects returned by the affected methods should not be propagated back to the untrusted code. In essence, never perform any operation on behalf of untrusted code because its class loader instance may have insufficient permissions.
References
Inside Java 2 Platform Security, 4.3.2 Class Loader Delegation Hierarchy
Sun Secure Coding Guidelines