...
Failure to make sensitive classes noncloneable can severely violate the class invariants and provide malicious subclasses from exploiting the opportunity to exploit the code to create new instances of objects, without security manager checks (by default).
...