Solved

Securing Java on the desktop

Posted on 2013-01-21
9
336 Views
Last Modified: 2013-01-24
With all the recent real security concerns over Java, I am tring to find a way to make sure that Java is as secure as it can be for those users that require it to be enabled. This is all in relation to Jave 1.7 update 11 only.

Java comes with security setting options as per the attached pictures. These choices are then apparantly stored in a file under each user, as per the attached text file. That text file is located at C:\Users\usernamehere\AppData\LocalLow\Sun\Java\Deployment. This is on a Windows 7 Professional workstation.

Does anyone know of a way to push these settings out to other workstations via Group Policy or registry or files, being that the deployment.properties file contains the username of the user?
1-21-2013-11-24-51-AM.gif
1-21-2013-11-14-42-AM.gif
1-21-2013-11-16-33-AM.gif
deployment.properties.txt
0
Comment
Question by:jst3751
  • 5
  • 4
9 Comments
 
LVL 16

Accepted Solution

by:
choward16980 earned 500 total points
ID: 38802604
You could write a batch file that echo'd the lines of code and use '%username%' without the quotes.
test.txt
0
 
LVL 1

Author Comment

by:jst3751
ID: 38802747
Interesting idea. Which then led me to the idea of just plainly coping the file upon login using the %username% as part of the path. Which your script triggered that thought. I will test and post back.
0
 
LVL 16

Assisted Solution

by:choward16980
choward16980 earned 500 total points
ID: 38802775
Using the script promotes the correct security is assigned to the file.  In my experience, echo piping is the fastest way to generate a config file.  Copying centrally located files brings other protocols and timeouts into the mix.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38803105
OK, if I follow that thought then, how does your example script handle if the file already exists and the line already exists? Is the line overwritten or is it appended to the bottom of the existing file?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 16

Expert Comment

by:choward16980
ID: 38803239
Yes, line overwritten.  First line echo has single pipe out >.  That basically empties the file contents.  Two pipe outs >> would append.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38803331
Ah, did not know that about single and double pipe out.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38808030
OK, I have implemented your example after coming up with 3 variations. (XP or 7, disabled or enabled in browser.)

I will let you know in a day or 2 how it goes.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38812165
Good deal.  And thanks for the suggestion, I've implemented the same on my network now ;D
0
 
LVL 1

Author Comment

by:jst3751
ID: 38815697
OK, this is working great. If a user should have to change it during the day to get to a trusted website, as soon as he/she logs on again it is reverted back to the secure settings I dictate.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
Several part series to implement Internet Explorer 11 Enterprise Mode
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now