Flashback - disable Java for all users script

If you want to disable Java for all users in Safari and Firefox (from what I have seen it doesn't appear to target Chrome) you can run the following script.

Here is the pretty uncommented version:

1#!/bin/bash
2
3ff_users=()
4os_version=$(sw_vers -productVersion)
5
6while read -r -d $''; do
7    ff_users+=("$REPLY")
8done < <(mdfind -name pluginreg.dat -0)
9
10for dat_file in "${ff_users[@]}"; do
11    username=$(stat -f "%Su" "${dat_file}")
12    if [[ ${os_version%.*} == 10.7 ]]; then
13        { rm "${dat_file}" && awk 'BEGIN{FS=OFS=":"}/JavaAppletPlugin/{count=3}count&&!--count&&($3==1||$3==5){$3--}1' > "${dat_file}"; } < "${dat_file}"
14    else
15        { rm "${dat_file}" && awk 'BEGIN{FS=OFS=":"}/JavaPlugin/{count=3}count&&!--count&&($3==1||$3==5){$3--}1' > "${dat_file}"; } < "${dat_file}"
16    fi
17    chown "${username}" "${dat_file}"
18done
19
20for user in /Users/*; do
21    if [[ -e "${user}"/Library/Preferences ]]; then
22        defaults write "${user}"/Library/Preferences/com.apple.Safari WebKitJavaEnabled -bool FALSE
23        defaults write "${user}"/Library/Preferences/com.apple.Safari com.apple.Safari.ContentPageGroupIdentifier.WebKit2JavaEnabled -bool FALSE
24        chown "${user##*/}" "${user}"/Library/Preferences/com.apple.Safari.plist
25    fi
26done

And here is the nasty one for those of you who want to know what is going on:

1#!/bin/bash
2
3ff_users=()
4os_version=$(sw_vers -productVersion)
5
6# find all users with a Firefox profile and pluginreg.dat file within it using mdfind as suggested by Christoph von Gabler-Sahm (cvgs on jamf nation)
7
8while read -r -d $''; do
9    ff_users+=("$REPLY")
10done < <(mdfind -name pluginreg.dat -0)
11
12# here is the find version
13# while read -r -d $''; do
14#   ff_users+=("$REPLY")
15# done < <(find /Users -name pluginreg.dat -print0 2> /dev/null
16
17
18# now we are going to disable java in Firefox
19# for this we are going to use awk to modify the list of pluginreg.dat files in the ff_users array
20# if statement checks for 10.7 as the relevent line is named JavaAppletPlugin in 10.7 with FF 11.0
21# else use JavaPlugin as found in 10.6
22
23for dat_file in "${ff_users[@]}"; do
24    username=$(stat -f "%Su" "${dat_file}")
25    if [[ ${os_version%.*} == 10.7 ]]; then
26        { rm "${dat_file}" && awk 'BEGIN{FS=OFS=":"}/JavaAppletPlugin/{count=3}count&&!--count&&($3==1||$3==5){$3--}1' > "${dat_file}"; } < "${dat_file}"
27    else
28        { rm "${dat_file}" && awk 'BEGIN{FS=OFS=":"}/JavaPlugin/{count=3}count&&!--count&&($3==1||$3==5){$3--}1' > "${dat_file}"; } < "${dat_file}"
29    fi
30    chown "${username}" "${dat_file}"
31done
32
33# disable Java in Firefox
34# after poking around in Firefox's sqlite files I went googling and found this post by Clay Caviness
35# https://plus.google.com/109088229817689076273/posts/7yH5QGJhuyN
36# I didn't know enough AWK to make that happen in a bash script but after a few tries 'mute' in #awk got it right for me
37
38# awk 'BEGIN{FS=OFS=":"}/JavaAppletPlugin/{p=3}p&&!--p&&($3==1||$3==5){$3--}1'
39
40# we can edit in-place with a little trick I orginally saw here
41# http://www.unix.com/shell-programming-scripting/35591-sed-awk-inplace-inline-edit.html
42
43
44# disable Java in Safari for all users
45
46for user in /Users/*; do
47    if [[ -e "${user}"/Library/Preferences ]]; then
48        defaults write "${user}"/Library/Preferences/com.apple.Safari WebKitJavaEnabled -bool FALSE
49        defaults write "${user}"/Library/Preferences/com.apple.Safari com.apple.Safari.ContentPageGroupIdentifier.WebKit2JavaEnabled -bool FALSE
50        chown "${user##*/}" "${user}"/Library/Preferences/com.apple.Safari.plist
51    fi
52done