Comment 9 for bug 692996

Sergio Oller (zeehio) wrote :

And this "festival --server" is a very unsafe solution due to the design of festival server mode.
Any other local user will only need to use the command:

> telnet localhost 1314
> (system "ls")

Basically you are opening a user shell to anyone with access to localhost. This:

- Gives access to your shell to any other local user (which is dangerous if there are other users on your computer)

- Gives access to your shell to any malicious website you visit that uses a DNS rebinding attack (dangerous, unless you don't visit websites or you disable JavaScript). See https://security.stackexchange.com/questions/147175/is-http-to-localhost-safe

We need a better alternative to this "festival --server" solution. Festival was designed with speech synthesis research purposes in mind, not as a user robust TTS system.
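
A way to check a machine for the exposure described in the comment above, as an added example that is not part of the original comment or of Festival. It classifies listeners on port 1314 from `ss -H -ltn` output (`ss` from iproute2); the function names are hypothetical and the sample socket list is constructed.

```shell
#!/bin/sh
# Added example: flag listeners on the Festival server port in `ss -H -ltn` output.
FESTIVAL_PORT=1314   # port used in the comment above

# Reads `ss -H -ltn`-style lines on stdin; prints one finding per listener.
#   scope=local   -> bound to loopback: reachable by every local user
#   scope=network -> bound to another address: also reachable from other hosts
find_festival_listeners() {
    awk -v port="$FESTIVAL_PORT" '
        $1 == "LISTEN" {
            addr = $4; p = $4
            sub(/.*:/, "", p)          # text after the last colon is the port
            sub(/:[^:]*$/, "", addr)   # everything before it is the address
            if (p != port) next        # exact match, so 13140 is not flagged
            scope = (addr ~ /^127\./ || addr == "[::1]") ? "local" : "network"
            printf "scope=%s addr=%s port=%s\n", scope, addr, p
        }'
}

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 5   127.0.0.1:1314  0.0.0.0:*
LISTEN 0 128 0.0.0.0:22      0.0.0.0:*
LISTEN 0 5   0.0.0.0:1314    0.0.0.0:*
LISTEN 0 5   [::1]:1314      [::]:*
LISTEN 0 5   127.0.0.1:13140 0.0.0.0:*
EOF
}

# On a live system: ss -H -ltn | find_festival_listeners
sample_ss_output | find_festival_listeners
```

Any line of output is a finding: a `scope=local` listener is still reachable by other local users, which is the case the comment describes.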