static {
   // doPrivileged here because there are multiple
   // things in initialize that might require privs.
   // (the FileInputStream call and the File.exists call,
   // the securityPropFile call, etc)
   AccessController.doPrivileged(
       new PrivilegedAction() {
         public Object run() {
           initialize();
           return null;
         }
       });
 }
  static {
    try {
      AccessController.doPrivileged(
          new PrivilegedExceptionAction<Object>() {
            public Object run() throws Exception {
              setupJurisdictionPolicies();
              return null;
            }
          });

      isRestricted = defaultPolicy.implies(CryptoAllPermission.INSTANCE) ? false : true;
    } catch (Exception e) {
      throw new SecurityException("Can not initialize cryptographic mechanism", e);
    }
  }
  /*
   * Implementation detail:  If the property we just set in
   * setProperty() was either "package.access" or
   * "package.definition", we need to signal to the SecurityManager
   * class that the value has just changed, and that it should
   * invalidate it's local cache values.
   *
   * Rather than create a new API entry for this function,
   * we use reflection to set a private variable.
   */
  private static void invalidateSMCache(String key) {

    final boolean pa = key.equals("package.access");
    final boolean pd = key.equals("package.definition");

    if (pa || pd) {
      AccessController.doPrivileged(
          new PrivilegedAction() {
            public Object run() {
              try {
                /* Get the class via the bootstrap class loader. */
                Class cl = Class.forName("java.lang.SecurityManager", false, null);
                Field f = null;
                boolean accessible = false;

                if (pa) {
                  f = cl.getDeclaredField("packageAccessValid");
                  accessible = f.isAccessible();
                  f.setAccessible(true);
                } else {
                  f = cl.getDeclaredField("packageDefinitionValid");
                  accessible = f.isAccessible();
                  f.setAccessible(true);
                }
                f.setBoolean(f, false);
                f.setAccessible(accessible);
              } catch (Exception e1) {
                /* If we couldn't get the class, it hasn't
                 * been loaded yet.  If there is no such
                 * field, we shouldn't try to set it.  There
                 * shouldn't be a security execption, as we
                 * are loaded by boot class loader, and we
                 * are inside a doPrivileged() here.
                 *
                 * NOOP: don't do anything...
                 */
              }
              return null;
            } /* run */
          }); /* PrivilegedAction */
    } /* if */
  }
 /*
  * Retuns the CodeBase for the given class.
  */
 static URL getCodeBase(final Class<?> clazz) {
   URL url = codeBaseCacheRef.get(clazz);
   if (url == null) {
     url =
         AccessController.doPrivileged(
             new PrivilegedAction<URL>() {
               public URL run() {
                 ProtectionDomain pd = clazz.getProtectionDomain();
                 if (pd != null) {
                   CodeSource cs = pd.getCodeSource();
                   if (cs != null) {
                     return cs.getLocation();
                   }
                 }
                 return NULL_URL;
               }
             });
     codeBaseCacheRef.put(clazz, url);
   }
   return (url == NULL_URL) ? null : url;
 }