?
Solved

Securing Java on the desktop

Posted on 2013-01-21
9
Medium Priority
?
349 Views
Last Modified: 2013-01-24
With all the recent real security concerns over Java, I am tring to find a way to make sure that Java is as secure as it can be for those users that require it to be enabled. This is all in relation to Jave 1.7 update 11 only.

Java comes with security setting options as per the attached pictures. These choices are then apparantly stored in a file under each user, as per the attached text file. That text file is located at C:\Users\usernamehere\AppData\LocalLow\Sun\Java\Deployment. This is on a Windows 7 Professional workstation.

Does anyone know of a way to push these settings out to other workstations via Group Policy or registry or files, being that the deployment.properties file contains the username of the user?
1-21-2013-11-24-51-AM.gif
1-21-2013-11-14-42-AM.gif
1-21-2013-11-16-33-AM.gif
deployment.properties.txt
0
Comment
Question by:jst3751
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 16

Accepted Solution

by:
choward16980 earned 2000 total points
ID: 38802604
You could write a batch file that echo'd the lines of code and use '%username%' without the quotes.
test.txt
0
 
LVL 1

Author Comment

by:jst3751
ID: 38802747
Interesting idea. Which then led me to the idea of just plainly coping the file upon login using the %username% as part of the path. Which your script triggered that thought. I will test and post back.
0
 
LVL 16

Assisted Solution

by:choward16980
choward16980 earned 2000 total points
ID: 38802775
Using the script promotes the correct security is assigned to the file.  In my experience, echo piping is the fastest way to generate a config file.  Copying centrally located files brings other protocols and timeouts into the mix.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:jst3751
ID: 38803105
OK, if I follow that thought then, how does your example script handle if the file already exists and the line already exists? Is the line overwritten or is it appended to the bottom of the existing file?
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38803239
Yes, line overwritten.  First line echo has single pipe out >.  That basically empties the file contents.  Two pipe outs >> would append.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38803331
Ah, did not know that about single and double pipe out.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38808030
OK, I have implemented your example after coming up with 3 variations. (XP or 7, disabled or enabled in browser.)

I will let you know in a day or 2 how it goes.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38812165
Good deal.  And thanks for the suggestion, I've implemented the same on my network now ;D
0
 
LVL 1

Author Comment

by:jst3751
ID: 38815697
OK, this is working great. If a user should have to change it during the day to get to a trusted website, as soon as he/she logs on again it is reverted back to the secure settings I dictate.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
The viewer will learn how to implement Singleton Design Pattern in Java.
This video teaches viewers about errors in exception handling.
Suggested Courses
Course of the Month8 days, 13 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question