Question about openjdk security patches
Sean Mullan
sean.mullan at oracle.com
Fri Mar 18 17:40:11 UTC 2016
On 03/18/2016 10:34 AM, Vinay Mulye wrote:
> Hi,
> I am new to the forum, this is my first question; so go easy. I have
> googled and looked up previous archives, I could not find about
> information about security.properties in the security patches.
This list is for the development of JDK 6 and is not a forum for asking
general questions like this, but I have added a quick reply below.
> I intend to change security.properties on openjdk6. Specifically I
> intend to change
>
> #networkaddress.cache.ttl=-1
>
> to
>
> networkaddress.cache.ttl=30
>
>
> My worry is subsequent OpenJDK security updates may overwrite this
> setting. So here is the question
> Does openJDK security patches "overwrite" existing "user amended"
> settings in the java.security file ?
Yes, it may depending on your JRE vendor's patch mechanism.
You can workaround this by creating a file in a different location, and
adding the properties that you want to override.
Then, you can specify the location on the java command line with
-Djava.security.properties=<URL> option (this will just override the
properties that you have changed).
Or you can try using the java.security.Security.setProperty API directly
in your code (try to do it as early as possible before the networking
code reads and caches it)
--Sean
More information about the jdk6-dev
mailing list