ProfilingSecurityManager is a Java security manager that profiles what resources an application accesses, and in what manner --- e.g., read, write, etc. It does not enforce a security policy, but rather produces a starting point for crafting one.
It extends java.lang.SecurityManager and overrides the two forms of the checkPermission() method. For each call to checkPermission(), ProfilingSecurityManager first guards against the condition that it itself induced the call to checkPermission(), which would result in unterminated recursion. If a call to checkPermission() resulted from a call outside ProfilingSecurityManager, the current context is examined and each class found therein is profiled as needing access to the java.security.Permission in question.
Profiling is manifested as a writing to System.bufferedWriter a "grant" rule for each java.security.Permission requested on a per CodeBase basis.
The implementation here does some very simple rule caching. If a rule has been seen previously, it is not output to System.bufferedWriter. The caching cannot prevent a security check, but it can reduce I/O during profiling.
Authored by Mark S. Petrovic, and revised by Stephen L. Reed.