How does the security manager interact with the classloaders?
Kevin RiffIn JDK 1.2 and later versions, the security model changed from a sandbox to a permissions-based model. When the classloader loads a class, it associates a protection domain with it. The protection domain determines which permissions the class has.
In JDK 1.1, the security manager checks the classloader of the currently executing method to determine where the code came from. This determines what privilleges it should have.