Installing Java on Linux

Installing Java on a Linux desktop is not hard, but the situation is needlessly confusing. Here’s how I do it, and why I do it that way.

Java was originally developed by Sun Microsystems (now Oracle), and their version continues to be the de facto standard. It is, nonetheless, a poor choice for the average user. Oracle prohibits distributions from carrying it in their package managers, so it cannot be automatically kept up to date — a dangerous situation given that Java is a popular attack vector. Nor does Oracle provide an RSS feed, mailing list, or any other means to be informed of new updates.

Additionally, Oracle’s Java bundles browser plugins with the main runtime environment, and enables them by default. This is dangerous: Java is a frequent source of vulnerabilities, and the web is full of compromised websites with malicious Java code. Visit just one of those sites with a Java plugin in your browser, and consider yourself compromised.

These problems are addressed by OpenJDK, a fully open source Java. The current version, 7, is considered by Oracle to be the reference implementation of Java. OpenJDK is carried in most distributions’ package managers, and offers browser plugins as a separate option.

As of this writing, some distributions still carry the older version 6 of OpenJDK as well as the current version 7. Unless you have reason to do otherwise, use version 7.

In your package manager, search for “OpenJDK”. You will probably see several packages; select the one described as the runtime environment. Different distributions will call this by different names, so read the descriptions. For reference, on Mageia 2 it is called “java-1.7.0-openjdk”.

If you need browser plugins, most distributions package them separately under the name “icedtea-web”. Before doing so, consider very carefully the security implications of having a Java plugin in your browser. Most users are better off without it.

Close and reopen your browser. Then test the plugin at Plugins must be enabled for that site, naturally. Repeat this test in each browser you use. Be aware that both testers assume you are using Oracle Java, so Iced Tea users should ignore spurious messages that their release is out of date.

The directory ~/.java/ is created upon the first use of Java, and can be excluded from your backup routine.

If you use the icedtea browser plugin, the directory ~/.icedtea/ is created upon the first use of the plugin, and can be excluded from your backup routine. By default errors are logged to ~/hs_err_pid*.log; these logs can also be excluded.

Installing a Java application on your Linux box is easy.

As I hope I have already made clear above, Java is a frequent source of security vulnerabilities. Only install it if you have need for it, and remove it promptly if that need ends. This is doubly so for the browser plugin. Unless you have an unusual, mission critical need for the browser plugin, you will almost certainly be better off finding alternative web services that do not require it.

Java on Linux is dated but provides good background information
Oracle Java users will want to follow Michael Horowitz, who announces Oracle Java updates and security news on his blog, RSS feed, and Twitter account.
How to be as safe as possible with Java


About Warren Post

So far: Customer support guy, jungle guide, IT consultant, beach bum, entrepreneur, teacher, diplomat, over-enthusiastic cyclist. Tomorrow: who knows?
This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink.

3 Responses to Installing Java on Linux

  1. Pingback: Software I commonly install and remove | A maze of twisty little passages

  2. Pingback: Browser plugins | A maze of twisty little passages

  3. Pingback: Installing a Java application on Linux | A maze of twisty little passages

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s