And this "festival --server" is a very unsafe solution due to the design of
festival server mode.
Any other local user will only need to use the command:
> telnet localhost 1314
> (system "ls")
Basically you are opening a user shell to anyone with access to
- Gives access to your shell to any other local user (which is dangerous
if there are other users in your computer)
- Gives access to your shell to any malicious website you visit that
uses a DNS rebinding attack (dangerous, unless you don't visit websites
We need a better alternative to this "festival --server" solution.
Festival was designed with speech synthesis research purposes in mind,
not as a user robust TTS system.
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
No /etc/init.d script
To manage notifications about this bug go to:
ubuntu-bugs mailing list