The Security Manager in Java determines whether a given sensitive operation is safe or unsafe under the current context and circumstances. Let's see what these sensitive operations are and how Java's internal API uses the Security Manager to provide security.
What are Sensitive Operations?
Any operation that needs to be regulated or checked before being performed is categorized as a sensitive operation. Examples of sensitive operations include:
- Read from a Socket
- Read or Write to a System File
- Dynamically Load a class
- Access a Private field using reflection
What methods does the SecurityManager class have?
The SecurityManager class has a method for each sensitive operation, all beginning with the word "check". The following are a few of them:
- checkAccept - for Accepting socket connection
- checkAwtEventQueueAccess - For accessing Event Queue
- checkConnect - for making a Socket Connection
- checkCreateClassLoader - for creating a class loader
- checkExec - for executing a local file
- checkPrintJobAccess - for accessing the print job queue
- checkRead - for reading a file
Who calls these methods?
The Java internal API calls the appropriate check method before performing the corresponding operation. For example, when you try to make a socket connection, the Socket internal API calls checkConnect() before attempting to connect.
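The call path described above, as an added example that is not code from the original article: a hypothetical DenyingManager subclass overrides three check methods, and the standard library invokes them before executing a file, connecting a socket and opening a file. The class names, the address 192.0.2.1 and the file name secret.txt are constructed, and the example assumes a JDK that still permits System.setSecurityManager (JDK 17 or earlier, or JDK 18 to 23 started with -Djava.security.manager=allow).

```java
import java.io.FileInputStream;
import java.net.Socket;
import java.security.Permission;

public class CheckDemo {
    // Hypothetical manager for illustration: allows everything except the
    // three operations overridden below.
    static class DenyingManager extends SecurityManager {
        @Override public void checkPermission(Permission perm) { /* allow the rest */ }

        @Override public void checkExec(String cmd) {
            throw new SecurityException("checkExec denied: " + cmd);
        }
        @Override public void checkConnect(String host, int port) {
            throw new SecurityException("checkConnect denied: " + host + ":" + port);
        }
        @Override public void checkRead(String file) {
            // Deny one constructed file name only; a blanket deny would also
            // block the reads the JVM needs for class loading.
            if (file.endsWith("secret.txt")) {
                throw new SecurityException("checkRead denied: " + file);
            }
        }
    }

    interface Action { void run() throws Exception; }

    // Runs one sensitive operation and reports whether a check method vetoed it.
    static void attempt(String label, Action action) {
        try {
            action.run();
            System.out.println(label + ": allowed");
        } catch (SecurityException e) {
            System.out.println(label + ": blocked (" + e.getMessage() + ")");
        } catch (Exception e) {
            System.out.println(label + ": failed for another reason: " + e);
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new DenyingManager());
        // Each library call below reaches its check method before doing any work.
        attempt("exec", () -> Runtime.getRuntime().exec(new String[] {"whoami"}));
        attempt("connect", () -> new Socket("192.0.2.1", 80).close());
        attempt("read", () -> new FileInputStream("secret.txt").close());
    }
}
```

None of the three calls in main mentions the manager; the SecurityException comes from inside ProcessBuilder, Socket and FileInputStream, before any process is started, packet sent or file opened.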
How does the Security Manager determine if the caller has permission?
Generally, applications and signed applets can get all permissions; for the rest, you can grant specific permissions using the PolicyTool.