Fix regression Together-Java#22

The security manager incorrectly assumed executed methods were his and
allowed unfiltered access

src/main/java/org/togetherjava/discord/server/sandbox/JshellSecurityManager.java

@@ -3,11 +3,14 @@
 import java.security.Permission;
 import java.util.Arrays;
 
+/**
+ * The {@link SecurityManager} used to limit JShell's permissions.
+ */
 public class JshellSecurityManager extends SecurityManager {
 
   @Override
   public void checkPermission(Permission perm) {
-    if (!comesFromBotCode()) {
+    if (comesFromMe()) {
       return;
     }
 
@@ -27,10 +30,13 @@ private boolean comesFromJshell() {
         .anyMatch(aClass -> aClass.getName().contains("REPL"));
   }
 
-  private boolean comesFromBotCode() {
+  private boolean comesFromMe() {
     return Arrays.stream(getClassContext())
+        // one frame for this method, one frame for the call to checkPermission
         .skip(2)
-        .anyMatch(aClass -> aClass == getClassContext()[0]);
+        // see if the security manager appears anywhere else in the context. If so, we initiated
+        // the call
+        .anyMatch(aClass -> aClass == getClass());
   }
 
   private boolean containsClass(String name) {