After using spd-say (with pico TTS) with the root account, spd-say stops working for users

Bug #1291105 reported by Jean-Philippe Guérard on 2014-03-11
This bug affects 1 person
Affects Status Importance Assigned to Milestone
speech-dispatcher (Ubuntu)

Bug Description

The command definition (GenericExecuteSynth) in /etc/speech-dispatcher/modules/pico-generic.conf use a fixed file name for the wave file ($TMPDIR/pico.wav):

GenericExecuteSynth \
"pico2wave -w $TMPDIR/pico.wav -l $VOICE \'$DATA\' && $PLAY_COMMAND $TMPDIR/pico.wav

If you use spd-say or a speech dispatcher enabled application with root, it will create the pico.wav file owned by root with restricted permissions.

If you try to use spd-say with a different user, it will then fail, failing to access the /tmp/pico.wav file.

A solution would be to create a temporary file per user ID:

GenericExecuteSynth \
"USERID=`id -u` && umask 077 && pico2wave -w $TMPDIR/pico-$USERID.wav -l $VOICE \'$DATA\' && $PLAY_COMMAND $TMPDIR/pico-$USERID.wav"

description: updated

Have you tested this fix? I only ask because I am not sure shell constructs like environment variable declaration work in that context.

Yes, the fix is tested and works nicely.

description: updated
Luke Yelavich (themuso) wrote :

I've actually got a better idea. Instead of checking the user id, we can use XDG_RUNTIME_DIR as a base for the wav file. So something like $XDG_RUNTIME_DIR/speech-dispatcher. That will be cleaned up when the user logs out, and nobody then knows that another user is using speech-dispatcher's generic synth mechanism. Probably not really a security issue, but is still cleaner as this file is temporary for only the logged in user, and only for their session.

I'll go ahead and implement this unless you have an objection.

That seems like a good idea.

I did some additional tests. This does not work in all cases.

If I switch to root with a "sudo su -", XDG_RUNTIME_DIR is not defined.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers