Page MenuHomePhabricator
Create Task
Maniphest T282545

Sensible updates of java.security properties
Open, MediumPublic
Actions

Description

Some roles use a hardened java.security config which overrides some security settings which are more strict than the Java defaults. But the default java.security files changes fairly often, which means that we need to rebase our Puppet template (which is error-prone and time-consuming).

I searched around and there seems to be an option to selectively override only some settings (and otherwise retain the default config), which we should test:
https://dzone.com/articles/how-override-java-security

Event Timeline

MoritzMuehlenhoff created this task.May 11 2021, 12:27 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 11 2021, 12:27 PM
Reedy renamed this task from Saner updates of java.security properties to Sensible updates of java.security properties.May 11 2021, 1:20 PM
Marostegui triaged this task as Medium priority.May 24 2021, 12:13 PM
Dzahn added a project: Infrastructure Security.May 10 2023, 8:05 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL