We mentioned above that each function gets a security variable passed to it. Each security manager has a single variable associated with it. You can specify this when you specify your security functions (see below for specifying security). Alternately, if you do not, a blank ScriptEase object is created (as if calling new Object()) and used. This variable cannot be accessed by the script being run, but it is passed to each security function whenever it is called. This allows you to store data needed to implement your security and keep it safe from the script being run.