TmpCleaner service in AspectScript

This page shows the behavior of the TmpCleaner service when used by an untrusted client (also the timer thread is considered untrusted in the examples).
To run TmpCleaner.clean please click on the corresponding button. The activity of the service is logged in the frame below.

There are four versions of the examples, with different access control policies. Depending on the particular policy, the deletion of a file should fail or not when it is direct (the deletion is in the control flow of TmpCleaner.clean) or when it is indirect (the deletion is triggered by the timer thread).
Access control policy Direct deletion? Indirect deletion? TmpCleaner source
No access control at all. yes yes view
Aspectized access control. no no view
Aspectized access control, with privileged execution. yes no view
Aspectized access control, with privileged execution and permission contexts. yes yes view
The JavaScript file implementing the equivalent to the Java API is java.js, and the access control definition is jac.js.

Important

To run the service, you need to have Javascript enabled. Also, AspectScript officially supports Mozilla Firefox (versions 3.0.* and 3.5.*), but in our practical experience, AspectScript should also work on Safari.