And this "festival --server" is a very unsafe solution due to the design of festival server mode. Any other local user will only need to use the command:
> telnet localhost 1314 > (system "ls") Basically you are opening a user shell to anyone with access to localhost. This: - Gives access to your shell to any other local user (which is dangerous if there are other users in your computer) - Gives access to your shell to any malicious website you visit that uses a DNS rebinding attack (dangerous, unless you don't visit websites or you disable javascript).See https://security.stackexchange.com/questions/147175/is-http-to- localhost-safe We need a better alternative to this "festival --server" solution. Festival was designed with speech synthesis research purposes in mind, not as a user robust TTS system. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/692996 Title: No /etc/init.d script To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/festival/+bug/692996/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
