Compatibility and problems with some window managers ==================================================== Some window mangers have problems running java programs with the environment variable AWT_TOOLKIT=MToolkit. For these cases, please use a window manger which doesn't show these problems. For details, please see http://bugs.debian.org/504524 Installation of extensions: =========================== * Extensions which work with all Java 2 VMs (>= v1.3) should be installed in /@basedir@/ext (with native libraries in /@basedir@/). Packages should depend on @JRE@ or @JDK@ if development tools are required. * Extension which require a specific Java @RELEASE@ version should be installed in /@basedir@/jre/lib/ext (with native libraries in /@basedir@/jre/lib/). Packages should depend on @JRE@ or @JDK@ if development tools are required. Debian Java Repository: ======================= /usr/share/java/repository gets added to CLASSPATH automatically but it is not an extension directory. If you want to give all permissions to code installed in /usr/share/java/repository, the uncomment the corresponding section in /etc/@basename@/security/java.policy. Alternatives: ============= Please see README.alternatives. Java Plug-In: ========================= * The @basename@-plugin package automatically enables the Java Plug-In for use with Firefox, Mozilla, and browsers based on Mozilla. * The Plug-In can be configured with the program ControlPanel. * Make sure you have Java enabled in Iceweasel's preferences dialog. Java Cryptography Extension (JCE) support: ========================================== JCE unlimited strength jurisdiction policy files are now included by default, older versions of this package recommended to use dpkg-divert before replacing installed files to avoid upgrade problems, you can keep those diverted files or revert to use the included files: sudo dpkg-divert --rename --remove /@basedir@/jre/lib/security/local_policy.jar sudo dpkg-divert --rename --remove /@basedir@/jre/lib/security/US_export_policy.jar Additional security issues: =========================== /@basedir@/jre/lib/security/cacerts is a symlink to /etc/@basename@/security/cacerts and treated as a configuration file by dpkg. This means that changes to this file are preserved across package update. You should, therefore, think about changing the default password protecting this file. You should also consider changing /etc/@basename@/security/java.policy to prevent threads from calling java.lang.Thread.stop() without any arguments. This feature is enabled by default in the interests of backward compatibility but may result in security issues. You will find more details on this in java.policy. -- Juergen Kreileder , Tue Jul 27 08:00:40 2004 -- Matthias Klose Wed, 3 May 2006 12:34:11 +0200 -- Torsten Werner Sat, 01 May 2010 11:29:15 +0200