When the JVM begins to process an application, it can optionally
load an instance of the SecurityManager
class. Every attempt to access external resources, such as executing
a read or write to a file, will need to obtain permission from
the security manager.
Prior to version 1.2, a SecurityManager
subclass would override methods such as checkRead()
and checkWrite()
with code that examined the request and threw an exception if
it was judged invalid. With version 1.2 a more elaborate and flexible
Permissions
and Security
Policy file scheme was put into effect.
In Chapter
14 : HTTP Server - SecurityManager we look further at how
to set up a security manager.
Note that the application in a browser that runs applets has
by default an extremely restrictive security manager that blocks
virtually all accesses other than reading files from the applets
site and opening web pages to other sites.
References & Web
Resources