A general question, since I'm still trying to collect my thoughts and decide on the tools.
There is (will be :)) an application core that interacts with the file system, the database and the network. To extend its functionality, the plan is to use "expansion modules". The main task of a module is to receive data from the core, process it in some way, and return the result.
Of course, I really want the modules to have as few opportunities as possible to rummage around where they are clearly not allowed... If cross-platform support weren't a requirement, I would probably be satisfied with a *nix chroot: each piece of crap in an isolated environment (plus, perhaps, under its own user), and within those limits they can do what they want. The option of developing my own interpreted environment with a bunch of domain objects and a language... can probably also be considered in theory, but that already smacks of 1C-style perversions))
The question is: is it possible to somehow run Java classes in an environment... well, something like the one the browser provides for applets? Or maybe the set of system classes available to a module can somehow be reduced (providing similar, but filterable, ones, of course)...
I would be glad to hear ideas, considerations, references to literature...
Well, of course, you can go overboard and run 2 copies of the JVM: your core runs in one JVM and your plugins in the second. Organize the interaction between the core and the plugins through RMI.
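The two-JVM layout suggested in the reply above, as an added example that is not code from either poster: the core starts a second JVM for the module and calls it through an RMI interface. The names `SplitJvmDemo`, `Plugin`, `UpperCasePlugin` and port 45099 are hypothetical, and the child JVM is started without any OS-level restriction.

```java
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;

public class SplitJvmDemo {
    /** Hypothetical contract: only strings cross the process boundary. */
    public interface Plugin extends Remote {
        String process(String input) throws RemoteException;
    }
    static class UpperCasePlugin implements Plugin {
        public String process(String input) { return input.toUpperCase(); }
    }
    static final int PORT = 45099;   // constructed port for the demo
    static Registry registry;        // strong references, so the exported
    static Plugin impl;              // objects are not garbage-collected

    public static void main(String[] args) throws Exception {
        if (args.length > 0 && args[0].equals("plugin")) runPlugin(); else runCore();
    }
    /** Second JVM: hosts the module and nothing else. */
    static void runPlugin() throws Exception {
        // Advertise the loopback address in the stub handed to the core.
        System.setProperty("java.rmi.server.hostname", "127.0.0.1");
        registry = LocateRegistry.createRegistry(PORT);
        impl = new UpperCasePlugin();
        registry.rebind("plugin", UnicastRemoteObject.exportObject(impl, 0));
        System.out.println("READY");  // tells the core it can connect
    }
    /** First JVM: the core starts the plugin process and calls it over RMI. */
    static void runCore() throws Exception {
        // Restrictions (separate user, chroot, ...) would wrap this child command.
        Process child = new ProcessBuilder(
                System.getProperty("java.home") + "/bin/java",
                "-cp", System.getProperty("java.class.path"),
                "SplitJvmDemo", "plugin").redirectErrorStream(true).start();
        try (BufferedReader out = new BufferedReader(
                new InputStreamReader(child.getInputStream()))) {
            String line;
            while ((line = out.readLine()) != null && !line.equals("READY")) { }
            Plugin plugin = (Plugin) LocateRegistry.getRegistry("127.0.0.1", PORT).lookup("plugin");
            System.out.println(plugin.process("data from the core"));
        } finally {
            child.destroyForcibly();   // the core controls the module's lifetime
        }
    }
}
```

Compile with `javac SplitJvmDemo.java` and start the core with `java SplitJvmDemo`; the process split alone does not confine the module, so what it can reach on the file system or network is decided by how the child process is launched.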