Saturday 15 September 2018

windows - Disable Java 8 update 20 security prompts


Java version 8 update 20 introduced a tedious step of having to verify if an applet is legitimate through some convoluted series of steps. Oracle says this about it:


Medium (removed from Java 8 Update 20 and later versions) 

Only unsigned applications that request all permissions are blocked. All
other applications are allowed to run with security prompts. Selecting
the Medium security level is not recommended and will make your
computer more vulnerable should you run a malicious application.

How do I get the old behaviour back?


That is, how can I run a Java applet (IcedTea) without having to follow the steps below.



Answer



How do I control when an untrusted applet or application runs in my web browser?



Starting with Java 8 Update 20, the Medium security level has been removed from the Java Control Panel. Only High and Very High levels are available.


The exception site list provides users with the option of allowing the same applets that would have been allowed by selecting the Medium option but on a site-by-site basis therefore minimizing the risk of using more permissive settings.



Source How do I control when an untrusted applet or application runs in my web browser?



How can I configure the Exception Site List?



The Exception Site List feature is being introduced in the release of Java 7 Update 51. By adding application URL to the Exception list allows users to run Rich Internet Applications (RIAs) that would normally be blocked by security checks.


Listed below are cases which will allow applications to run by adding the application url to the exception site list:



  • If application is not signed with a certificate from trusted certificate authority.

  • If application is hosted locally.

  • Jar file not having the Permission manifest attribute. Application signed with an expired certificate. Certificate used to sign the application cannot be checked for revocation.


Manage the Exception Site List


The exception site list is managed in the Security tab of the Java Control Panel. The list is shown in the tab. To add, edit or remove a URL from list, Click Edit Site List and follow the directions shown. Add a URL



  • Click on the Edit Site List button.

  • Click the Add in the Exception Site List window.

  • Click in the empty field under Location field to enter the URL.

  • Example: http://myexample.com (Note: URL should begin with http:// or https://)

  • Click OK to save the URL that you entered.

  • Click Continue on the Security Warning dialog.


Edit a URL



  • Double click the URL that you want to edit in the Exception Site List window.

  • Make change to the URL.

  • Click OK to save the changes.


Remove a URL



  • Click the URL that you want to remove in the Exception Site List window.

  • Click Remove.

  • Click OK to save your change.



Source How can I configure the Exception Site List?


After adding the site to the Exception Site list you may need to restart your browser.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Where does Skype save my contact's avatars in Linux?

I'm using Skype on Linux. Where can I find images cached by skype of my contact's avatars? Answer I wanted to get those Skype avat...