this is what I would like to be clear aboutApart from spamfilters, is reliance on JVM design enough? (apart from continually reminding the users)
The JVM, and particularly the applet component of it, which is the only piece of software accessible from your browser, is a very mature piece of software. It's been around for ~10 years on solaris/windows, and at least 5 on linux.
Given the relatively open nature of the design, you'd expect any glaring security flaws to be identified and fixed in subsequent versions (as they were with MS' JVM).
It's also worth noting that even if an applet were to escape out of a sandbox, and try to do something naughty, it would be trapped by UNIX permissions, unless you were silly enough to do something like run the offending applet as root.
A basic introduction to the JVM security model is here: http://www.javaworld.com/javaworld/jw-08-1997/jw-08-hood.html
Cheers, Matt Moor