1. Introduction
2. Joint Work
3. Java Security Model
4. Information Checks
5. Model Deviation
6. Example
7. Permission Check
8. Shortcut
9. Consequences
10. Shortcuts prevent
11. Shortcut example
12. System class example
13. Sample exploits
14. Moving from Implicit to Explicit
15. Removing Conditionals
16. Implementation
17. General Lessons
18. Questions
Description:
Explore a comprehensive analysis of Java's access control vulnerabilities in this IEEE Symposium on Security & Privacy conference talk. Delve into the study of shortcuts that bypass stack-based access control, leading to implicit privilege elevation and potential security risks. Examine the consequences of these shortcuts, including their impact on software maintenance and the introduction of confused-deputy vulnerabilities. Learn about a proposed solution involving a tool-assisted adaptation of the Java Class Library to implement explicit privilege elevation. Discover how these changes can significantly enhance the security of Java applications by hindering new vulnerabilities and restricting attacker capabilities. Gain insights into usability considerations and performance implications of implementing faithful stack-based access control in Java.

Hardening Java's Access Control by Abolishing Implicit Privilege Elevation

IEEE