Solved

Securing Java on the desktop

Posted on 2013-01-21
9
342 Views
Last Modified: 2013-01-24
With all the recent real security concerns over Java, I am tring to find a way to make sure that Java is as secure as it can be for those users that require it to be enabled. This is all in relation to Jave 1.7 update 11 only.

Java comes with security setting options as per the attached pictures. These choices are then apparantly stored in a file under each user, as per the attached text file. That text file is located at C:\Users\usernamehere\AppData\LocalLow\Sun\Java\Deployment. This is on a Windows 7 Professional workstation.

Does anyone know of a way to push these settings out to other workstations via Group Policy or registry or files, being that the deployment.properties file contains the username of the user?
1-21-2013-11-24-51-AM.gif
1-21-2013-11-14-42-AM.gif
1-21-2013-11-16-33-AM.gif
deployment.properties.txt
0
Comment
Question by:jst3751
  • 5
  • 4
9 Comments
 
LVL 16

Accepted Solution

by:
choward16980 earned 500 total points
ID: 38802604
You could write a batch file that echo'd the lines of code and use '%username%' without the quotes.
test.txt
0
 
LVL 1

Author Comment

by:jst3751
ID: 38802747
Interesting idea. Which then led me to the idea of just plainly coping the file upon login using the %username% as part of the path. Which your script triggered that thought. I will test and post back.
0
 
LVL 16

Assisted Solution

by:choward16980
choward16980 earned 500 total points
ID: 38802775
Using the script promotes the correct security is assigned to the file.  In my experience, echo piping is the fastest way to generate a config file.  Copying centrally located files brings other protocols and timeouts into the mix.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:jst3751
ID: 38803105
OK, if I follow that thought then, how does your example script handle if the file already exists and the line already exists? Is the line overwritten or is it appended to the bottom of the existing file?
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38803239
Yes, line overwritten.  First line echo has single pipe out >.  That basically empties the file contents.  Two pipe outs >> would append.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38803331
Ah, did not know that about single and double pipe out.
0
 
LVL 1

Author Comment

by:jst3751
ID: 38808030
OK, I have implemented your example after coming up with 3 variations. (XP or 7, disabled or enabled in browser.)

I will let you know in a day or 2 how it goes.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38812165
Good deal.  And thanks for the suggestion, I've implemented the same on my network now ;D
0
 
LVL 1

Author Comment

by:jst3751
ID: 38815697
OK, this is working great. If a user should have to change it during the day to get to a trusted website, as soon as he/she logs on again it is reverted back to the secure settings I dictate.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
MySQL  on Tomcat 8 46
SHA2 certs for IIS AND Java? 2 90
how to see all occupied ports on windows 10 laptop 15 65
ejb on wildfly 5 20
Introduction If you're like most people, you have occasionally made a typographical error when you're entering information into an online form.  And to your consternation, the browser remembers the error, and offers to autocomplete your future entr…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question