The standard Java runtime environment comes with a variety of useful libraries, providing file system access, network access, a window toolkit, and a variety of other tools. The correct specification of the libraries is of critical importance. The language itself can provide the ability to create secure libraries, but if the library code is not specified and written correctly the system is not secure. Since the libraries are the part of the Java runtime that provides access to the system resources mentioned in Section 2.1, the correct implementation of the libraries is of fundamental importance.
The access restrictions of the libraries are based on three mechanism.
The first is the Java language mechanism of providing access
restrictions to objects methods and variables mentioned in
Section 3.1. The second mechanism is the use of specialized
ClassLoaders to load imported code. The final mechanism is the use of
explicit calls to a global SecurityManager to check the validity
of certain specific operations.