> > well, for that purpose, isn't it better to check
> > "any security model is loaded" rather than "this scope has any listeners"?
> 
> For what reason?

to avoid making existing code insecure when introducing new scopes.

> Loading a listener changes the security model. Having no listeners means
> that you can't really do anything the scope manages. Having an "always
> block" policy is unacceptable.

why unacceptable?

> I think making the behavior optional is
> best. I don't care what would be the default behavior. :)

let's try to avoid introducing too many options.

YAMAMOTO Takashi