The format of this debugging information and the file or other output stream to which it is emitted depend on
the host environment. Each virtual machine is free to do what it wants with these calls, including ignoring
them if the local runtime system has nowhere to put the trace output, although they are likely to work in a
development environment.
These methods are fairly low-level debugging tools. Typically, a virtual machine will also support high-level
debuggers and profilers through the JVM™ Tool Interface (JVMTI); interested readers should consult that
specification for more information.
23.5. Security
Security is a very complex issue and a full discussion of it is well beyond the scope of this bookyou can read
Inside Java™ 2 Platform Security, Second Edition, a companion book in this series, for all the details. What
we can do, however, is provide an overview of the security architecture and some of its key components.
Information on other aspects of security is given in "java.security and Related Packages Security Tools" on
page 732.
To perform a security-checked operation you must have permission to perform that operation. Together, all
permissions in a system and the way in which they are assigned define the security policy for that system. A
protection domain encloses a set of classes whose instances are granted the same set of permissions and that
all come from the same code source. Protection domains are established via the class loading mechanism. To
enable the security policy of a system and activate the protection domains, you need to install a security
manager.[2]
[2] Some virtual machines allow a startup argument that causes a default security manager to
be created and installed. For example, using the JDK™ 5.0 you define the system property
java.security.manager by passing the argument -Djava.security.manager to
the java command.The classes and interfaces used for security are spread across a number of packages so we use the fully
qualified name the first time we introduce a specific class or interface.
23.5.1. The SecurityManager Class
The java.lang.SecurityManager class allows applications to implement a security policy by
determining, before performing a possibly unsafe or sensitive operation, whether it is being attempted in a
security context that allows the operation to be performed. The application can then allow or disallow the
operation.
The SecurityManager class contains many methods with names that begin with the word "check." These
methods are called by various methods in the standard libraries before those methods perform certain
potentially sensitive operations, such as accessing files, creating and controlling threads, creating class
loaders, performing some forms of reflection, and controlling security itself. The invocation of such a check
method typically looks like this:
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkXXX(...);
}