Baptiste Mille-Mathias

Asked: 2016-08-04 00:30:43 +0800 CST2016-08-04 00:30:43 +0800 CST 2016-08-04 00:30:43 +0800 CST

Disallow JVM system security policy settings override

I've defined some parameters to file /usr/lib/jvm/jre-8-oracle-x64/lib/security/java.security to comply JAVA security settings with our security policy. Some parameter I have edited are

security.overridePropertiesFile=false
jdk.tls.disabledAlgorithms= ...
jdk.certpath.disabledAlgorithms=MD2,...

It is unclear to me if a developer could set custom parameter in an application, does the JVM enforce these parameters or can they be overridden ?

I've seen there this question already about Java security Policy but I'm my case I just want the system-policy to be applied.

Disallow JVM system security policy settings override

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Disallow JVM system security policy settings override

0 Answers