According to the Java API Class SecurityManager documentation [API 2011],
The security manager is a class that allows applications to implement a security policy. It allows an application to determine, before performing a possibly unsafe or sensitive operation, what the operation is and whether it is being attempted in a security context that allows the operation to be performed. The application can allow or disallow the operation.
...
Programmatic detection of the presence or absence of a SecurityManager at runtime is straightforward. Static analysis can address the presence or absence of code that would attempt to install a SecurityManager if the code were executed. Checking whether the SecurityManager is installed early enough, whether it specifies the desired properties, or whether it is guaranteed to be installed may be possible in some special cases but is not feasible in full generality.
Related Guidelines
Bibliography
| [API 2011] | Class SecurityManager Class AccessControlContext Class AccessController |
| [Gong 2003] | §6.1, "Security Manager" |
| [Pistoia 2004] | §7.4, "The Security Manager" |
| [Policy 2002] | "Default Policy Implementation and Policy File Syntax" |
| [SecuritySpec 2008] | §6.2, "SecurityManager versus AccessController" |
...