Java's security model is one of the most interesting and unique aspects of the language. for the most part it's broken into two pieces: the user adjustable security manager that checks various API operations like file access, and the byte code verifier that asserts the validity of compiled byte code.
public abstract class SecurityManager
java.lang.SecurityManager is an abstract class which
different applications subclass to implement a particular security
policy. It allows an application to determine whether or not a
particular operation will generate a security exception. With one
exception the following methods all throw security exceptions if an
operation is not allowed.
public void checkCreateClassLoader()
public void checkAccess(Thread g)
public void checkAccess(ThreadGroup g)
public void checkExit(int status)
public void checkExec(String cmd)
public void checkLink(String lib)
public void checkRead(FileDescriptor fd)
public void checkRead(String file)
public void checkRead(String file, Object context)
public void checkWrite(FileDescriptor fd)
public void checkWrite(String file)
public void checkDelete(String file)
public void checkConnect(String host, int port)
public void checkConnect(String host, int port, Object context)
public void checkListen(int port)
public void checkAccept(String host, int port)
public void checkMulticast(InetAddress maddr)
public void checkMulticast(InetAddress maddr, byte ttl)
public void checkPropertiesAccess()
public void checkPropertyAccess(String key)
public boolean checkTopLevelWindow(Object window)
public void checkPrintJobAccess()
public void checkSystemClipboardAccess()
public void checkAwtEventQueueAccess()
public void checkPackageAccess(String pkg)
public void checkPackageDefinition(String pkg)
public void checkSetFactory()
public void checkMemberAccess(Class c, int which)
public void checkSecurityAccess(String action)