I should start by saying that the design of the Java security manager, in my opinion, is not good. One of its problems is that it disallows optimization of tail-recursive methods.
Having said that, what happens in practice is that classes written by different people or companies are often put together to form a complete Java program. Suppose you have put a program together that has some of your own classes, along with classes written by, say, Santa Claus. You trust your own classes to create and delete files, but you don't want any of Santa Claus' methods to delete files unless a particular method of yours has called Santa Claus' method, and never if a particular method of Santa Claus' is currently active. I know this is a bit confusing, but the idea of the Java security manager is to use the currently active methods to determine what is and isn't allowed. If tail-recursive calls are optimized away, then it is possible that a Santa Claus method might incorrectly be allowed to delete a file.
Anyway, perhaps we'll try to discuss some of this later in the semester. It becomes relevant for our last project (hw6), when your code is linked together with an opponent's code (and our refereeing code).
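
The effect described above, as an added example that is not part of the original post: a toy model of stack inspection in which the same policy check gives a different answer once a tail call discards its caller's frame. It does not use the real `java.lang.SecurityManager` API, and the method names `Mine.cleanup`, `Santa.wrapPresents` and `Santa.deleteFile` are hypothetical.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.function.BooleanSupplier;

// Toy model of stack inspection (assumption: frames are plain strings;
// this is not the real Java security manager).
public class StackInspectionDemo {
    // Model call stack: one "Class.method" entry per currently active method.
    static final Deque<String> stack = new ArrayDeque<>();

    // Policy from the text: deleting is allowed only if my method
    // Mine.cleanup is active and Santa.wrapPresents is NOT active.
    static boolean mayDelete() {
        return stack.contains("Mine.cleanup")
            && !stack.contains("Santa.wrapPresents");
    }

    // Ordinary call: the callee's frame sits on top of the caller's frame.
    static boolean call(String method, BooleanSupplier body) {
        stack.push(method);
        try { return body.getAsBoolean(); } finally { stack.pop(); }
    }

    // Optimized tail call: the caller's frame is discarded before the
    // callee runs, so the stack no longer records that the caller is active.
    static boolean tailCall(String method, BooleanSupplier body) {
        String caller = stack.pop();
        try { return call(method, body); } finally { stack.push(caller); }
    }

    // Mine.cleanup -> Santa.wrapPresents -> (tail call) Santa.deleteFile,
    // which asks the policy whether the delete may proceed.
    static boolean run(boolean optimizeTailCalls) {
        return call("Mine.cleanup", () ->
            call("Santa.wrapPresents", () ->
                optimizeTailCalls
                    ? tailCall("Santa.deleteFile", StackInspectionDemo::mayDelete)
                    : call("Santa.deleteFile", StackInspectionDemo::mayDelete)));
    }

    public static void main(String[] args) {
        System.out.println("all frames kept:     delete allowed = " + run(false));
        System.out.println("tail call optimized: delete allowed = " + run(true));
    }
}
```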