LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Java (https://www.linuxquestions.org/questions/linux-newbie-8/java-4175445134/)

richtalia 01-11-2013 08:51 AM
Java
 
I saw on TV today (jan 11, 2013), that there is a major Java exploit, and it recommended that all java be uninstalled. I am running ubuntu 11.10, should I disable all Java, and what is the best way to do this ??? Thanks !!!

tronayne 01-11-2013 10:46 AM
If you're using Firefox or Seamonkey, select Tools, Add-ons, Add-ons Manager. Click the tab that says "Disable."

Also, read the US-CERT notice at http://www.kb.cert.org/vuls/id/625617. There are links describing how to disable Java on other browsers.

If you're not running Java 7 update 10, it's recommended that you get that (either JDK or JRE), but still disable it (there is no fix known as of now).

If you have any Java applications, you do not want to uninstall Java.

Hope this helps some.

wigry 01-11-2013 10:54 AM
One note, majority of those exploits target Java plugin on the web browser. If you have Tomcat running on the server, then that is not a problem.

richtalia 01-11-2013 12:04 PM
Is java 7 safe or not ?? Thanks, Rich...

tronayne 01-11-2013 12:36 PM
The browser plugin is not safe; Java itself is pretty much OK for Java applications (those that are not Internet- or browser-based (that pesky plugin).

Best bet? Go read the US-CERT notice (http://www.kb.cert.org/vuls/id/625617) and decide for yourself, eh.

If you're using Firefox or Seamonkey, you want to disable the Java plugin; you do that from Tools, Add-ons, Plugins and click tab next to Java Plugin to disable it.

You can also refer to these addresses (copy-paste into your browser):

* Vulnerability Note VU#625617
<http://www.kb.cert.org/vuls/id/625617>

* Setting the Security Level of the Java Client
<http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html>

* The Security Manager
<http://docs.oracle.com/javase/tutorial/essential/environment/security.html>

* How to disable the Java web plug-in in Safari
<https://support.apple.com/kb/HT5241>

* How to turn off Java applets
<https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets>

* NoScript
<http://noscript.net/>

* Securing Your Web Browser
<https://www.us-cert.gov/reading_room/securing_browser/#Safari>

* Vulnerability Note VU#636312
<http://www.kb.cert.org/vuls/id/636312#solution>

Hope this helps some.


All times are GMT -5. The time now is 04:53 PM.