Hi Johannes, Anton, Thanks, that's fair. I agree this is not a meaningful security boundary for UML, and I do not have a strong enough use case to justify carrying this as a fix. I'll drop this patch. Thanks, Pengpeng