Securing Java on the desktop
With all the recent real security concerns over Java, I am tring to find a way to make sure that Java is as secure as it can be for those users that require it to be enabled. This is all in relation to Jave 1.7 update 11 only.
Java comes with security setting options as per the attached pictures. These choices are then apparantly stored in a file under each user, as per the attached text file. That text file is located at C:\Users\usernamehere\AppD
Does anyone know of a way to push these settings out to other workstations via Group Policy or registry or files, being that the deployment.properties file contains the username of the user?
1-21-2013-11-24-51-AM.gif
1-21-2013-11-14-42-AM.gif
1-21-2013-11-16-33-AM.gif
deployment.properties.txt
Java comes with security setting options as per the attached pictures. These choices are then apparantly stored in a file under each user, as per the attached text file. That text file is located at C:\Users\usernamehere\AppD
Does anyone know of a way to push these settings out to other workstations via Group Policy or registry or files, being that the deployment.properties file contains the username of the user?
1-21-2013-11-24-51-AM.gif
1-21-2013-11-14-42-AM.gif
1-21-2013-11-16-33-AM.gif
deployment.properties.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK, if I follow that thought then, how does your example script handle if the file already exists and the line already exists? Is the line overwritten or is it appended to the bottom of the existing file?
Yes, line overwritten. First line echo has single pipe out >. That basically empties the file contents. Two pipe outs >> would append.
ASKER
Ah, did not know that about single and double pipe out.
ASKER
OK, I have implemented your example after coming up with 3 variations. (XP or 7, disabled or enabled in browser.)
I will let you know in a day or 2 how it goes.
I will let you know in a day or 2 how it goes.
Good deal. And thanks for the suggestion, I've implemented the same on my network now ;D
ASKER
OK, this is working great. If a user should have to change it during the day to get to a trusted website, as soon as he/she logs on again it is reverted back to the secure settings I dictate.
ASKER