Signed network servlets are loaded by Jeeves' ServletClassLoader only when they are signed by an signature that is on the list of trusted signatures. The list of trusted signatures is created by the Jeeves administrator, ahead of time, using the ServletAdmin tool.
The Jeeves administrator can limit the capabilities granted to signed network servlets, or he/she can grant full access to particular servlets.