Re: [orca-list] Fwd: Re: pulse audio Speakup and orca

From: "B. Henry" <burt1iband gmail com>
To: Janina Sajka <janina rednote net>, orca-list gnome org
Subject: Re: [orca-list] Fwd: Re: pulse audio Speakup and orca
Date: Sat, 28 Nov 2015 12:48:03 -0600


If this is indeed the only  known risk then I agree that the potential use/abuse of the vulnerability is not 
much of a real world danger.
The only thing that comes to mind is that if this were leveraged by someone connecting to the computer via 
SSH with out permission..., but if you have 
been hacked/compromised to that point you are in deep doo-doo as they say.
    
   


-- 
     B.H.
   Registerd Linux User 521886


  Janina Sajka wrote:
Sat, Nov 28, 2015 at 09:45:50AM -0500

I've seen the pa security claims, but I cannot accept them as legitimate
claims.

The notion appears to be that one user could control the audio mic
capture for a different user -- all on the same computer. For me this is
over the top. Any two people sharing a computer with that level of
distrust between them have far deeper problems in their relationship
than how to configure audio.

Janina

B.Henry writes:

     B.H.
   Registerd Linux User 521886

-------- Forwarded Message --------
Subject:    Re: [orca-list] pulse audio Speakup and orca
Date:       Tue, 10 Nov 2015 17:54:36 -0600
From:       B.Henry <burt1iband gmail com>
Reply-To:   burt1iband gmail com
To:         Al Sten-Clanton <albert e sten_clanton verizon net>

fir Firstly, I am not sure this would solve things on espeakup using
systems, but it might, but more important there are security reasons
that PA is generally not run system wide.
Perhaps someone can chime in and explain potential risks as I've never
studied this in any detail and forget some of the generality I did
understand 4 years ago.
You can certainly set this up for yourself, but only a distro targeting
screenreader users would consider this, and sadly some of these do not
even bother to get console speech close to ready.
Mainstream distros would certainly be ill advised to take the security
risk.
It's easy enough to get things working as things are now anyway.
Another option besides scripting espeakup or speechd-up start is to bind
a command to a keyboard shortcut, i.e. go in to your Gui's keyboard
shortcuts interface in a control center or under preferences in system
menus and make a hotkey for
sudo espeakup
or
sudo speechd-up
Still another option is to make a bash alias to run the correct command
for your system and run it from a terminal emulater, gnome, mate, lx, or
which ever terminal you prefer and have.

     B.H.
   Registerd Linux User 521886

On 10/11/15 04:23 PM, Al Sten-Clanton wrote:

Would pulseaudio have to be systemwide in order to get Speakup talking
automatically upon boot?  If so, I vote for systemwide.

Al

On 11/10/2015 2:44 PM, Alex Midence wrote:

It isn't necessary to use systemwide Pulse audio anymore.  I use
console speech on my Ubuntu box at home which has Pulse Audio
installed and configured in the recommended way (not systemwide) and
I am able to use Speakup just fine.  The trick is to start it from a
Gnome Terminal within X:

sudo modprobe speakupg_soft start=1
sudo espeakup

Just my thoughts,
Alex M


-----Original Message-----
From: orca-list [mailto:orca-list-bounces gnome org] On Behalf Of
Mike and Jenna
Sent: Tuesday, November 10, 2015 1:37 PM
To: orca-list gnome org
Subject: [orca-list] pulse audio speakup and orca

Hi,

I am coming a long way on the new directions for making a newer
version of debian Vinux butt want to maybe get some suggestions I
recompiled espeak to use  pulse audio I will paste the instructions
that I have required from john and a few others from mailing lists.

Edit the Makefile and find the section which reads like this:

# 'runtime' uses pulseaudio if it is running, else uses portaudio
#AUDIO = runtime AUDIO = portaudio #AUDIO = portaudio0 #AUDIO =
portaudio2 #AUDIO = pulseaudio #AUDIO = sada

And simply change it to read thusly:

# 'runtime' uses pulseaudio if it is running, else uses portaudio
#AUDIO = runtime #AUDIO = portaudio #AUDIO = portaudio0 #AUDIO =
portaudio2 AUDIO = pulseaudio #AUDIO = sada

As you can see I just commented out portaudio and uncommented
pulseaudio.


cd ../../
apt-get install espeakup
cd espeakup-0.71/
make
make install

modprobe speakup-soft
espeakup

Now I wonder If I should go threw this next part and try as I am
building it as a rolling release using sid and apt-get -u to hold
back broken packages

Here is the part in question mind you I am using software speech and
not hardware speech.

In Debian Jessie/Sid, you will need to edit /etc/default/pulseaudio
to have this line:

PULSEAUDIO_SYSTEM_START=1

And in /etc/pulse/client.conf:

autospawn = no

It's been a while since I configured speech for orca, but I think I
had to modify /etc/speech-dispatcher/speechd.conf to use a unix socket:

SocketPath "/var/run/speech-dispatcher/speech-dispatcher.sock"

And in my .bash_profile, I added:

export
SPEECHD_ADDRESS="unix_socket:/var/run/speech-dispatcher/speech-dispatcher.so

ck"

I use hardware speech with speakup on the machine running orca and I
don't run orca on the machine using espeakup, so I can't say that it
will work for both orca and speakup with espeakup. Please follow up
if I missed something.

Here is a link to the bug report.

https://bugzilla.redhat.com/show_bug.cgi?id=481651


_______________________________________________
orca-list mailing list
orca-list gnome org
https://mail.gnome.org/mailman/listinfo/orca-list
Orca wiki: https://wiki.gnome.org/Projects/Orca
Orca documentation: https://help.gnome.org/users/orca/stable/
GNOME Universal Access guide:
https://help.gnome.org/users/gnome-help/stable/a11y.html
Log bugs and feature requests at http://bugzilla.gnome.org

_______________________________________________
orca-list mailing list
orca-list gnome org
https://mail.gnome.org/mailman/listinfo/orca-list
Orca wiki: https://wiki.gnome.org/Projects/Orca
Orca documentation: https://help.gnome.org/users/orca/stable/
GNOME Universal Access guide:
https://help.gnome.org/users/gnome-help/stable/a11y.html
Log bugs and feature requests at http://bugzilla.gnome.org

_______________________________________________
orca-list mailing list
orca-list gnome org
https://mail.gnome.org/mailman/listinfo/orca-list
Orca wiki: https://wiki.gnome.org/Projects/Orca
Orca documentation: https://help.gnome.org/users/orca/stable/
GNOME Universal Access guide:
https://help.gnome.org/users/gnome-help/stable/a11y.html
Log bugs and feature requests at http://bugzilla.gnome.org

_______________________________________________
orca-list mailing list
orca-list gnome org
https://mail.gnome.org/mailman/listinfo/orca-list
Orca wiki: https://wiki.gnome.org/Projects/Orca
Orca documentation: https://help.gnome.org/users/orca/stable/
GNOME Universal Access guide: https://help.gnome.org/users/gnome-help/stable/a11y.html
Log bugs and feature requests at http://bugzilla.gnome.org



-- 

Janina Sajka, Phone:  +1.443.300.2200
                      sip:janina asterisk rednote net
              Email:  janina rednote net

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup:     http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair,        Protocols & Formats     http://www.w3.org/wai/pf

Follow-Ups:
- Re: [orca-list] Fwd: Re: pulse audio Speakup and orca
  - From: Jason White

References:
- [orca-list] Fwd: Re: pulse audio Speakup and orca
  - From: B.Henry
- Re: [orca-list] Fwd: Re: pulse audio Speakup and orca
  - From: Janina Sajka

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]