http://www.cert.org/blogs/certcc/2013/01/java_in_web_browser_disable_no.html
"We have confirmed that VU#625617 can be used to reliably execute code on Windows, OS X, and Linux platforms." where the linked vulnerability is:
http://www.kb.cert.org/vuls/id/625617
Via Applications, Other, IcedTea-Web Control Panel I do not find a simple control as provided in the most recent vendor-supplied bits:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html#disable
Using Add/Remove Programs to accomplish [per yum.log]:
... Erased: icedtea-web-1.3.1-1.fc17.i686
still allows applets to run. Only after killing and restarting the browser (Firefox; kill rather than close, so that all of the open tabs can be Restored) does loading a page containing an applet lead to:
A plugin is needed to display this content.
So if one were needing to enable Java for a trusted site, while browsing conservatively elsewhere, is there anything simpler to do than this cycle of:
- install icedtea-web-...
- kill and restart web browser
- use Java
- erase icedtea-web-...
- kill and restart web browser
- browse safely
:
Is there an intent to make this simpler in future versions?
Cheers,"We have confirmed that VU#625617 can be used to reliably execute code on Windows, OS X, and Linux platforms." where the linked vulnerability is:
http://www.kb.cert.org/vuls/id/625617
Via Applications, Other, IcedTea-Web Control Panel I do not find a simple control as provided in the most recent vendor-supplied bits:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html#disable
Using Add/Remove Programs to accomplish [per yum.log]:
... Erased: icedtea-web-1.3.1-1.fc17.i686
still allows applets to run. Only after killing and restarting the browser (Firefox; kill rather than close, so that all of the open tabs can be Restored) does loading a page containing an applet lead to:
A plugin is needed to display this content.
So if one were needing to enable Java for a trusted site, while browsing conservatively elsewhere, is there anything simpler to do than this cycle of:
- install icedtea-web-...
- kill and restart web browser
- use Java
- erase icedtea-web-...
- kill and restart web browser
- browse safely
:
Is there an intent to make this simpler in future versions?
Nelson
-- java-devel mailing list java-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/java-devel
