I do sometimes use Speakup via ssh. Sometimes I want to make sure my hardware synthesizer is working. I often build new Speakup modules via ssh for convenience. When I was playing with virtual machines and DOSemu, I tried sending output through Speakup. I'm actually wondering if there could be a potential security issue with a remote user flooding a hardware synth buffer by sending massive amounts of text to it. I have verified that I can make my synth talk from across the room with ssh, so presumably there would definitely be a security issue in that a user could send unwanted and/or annoying messages to your synth when you aren't expecting it. In the case of the DECtalk, they could send text without a closing bracket and potentially cause loss of speech. On 11/9/2009 8:35 PM, Steve Holmes wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > And to add to this suggestion, while in that same shell, you could > pipe the pasted contents into xclip in much the same way and then you > have it in the X clipboard also. > > I like the idea of the select group to hold all speakup settings. > This would improve security issues in general, I think. I like the > concept of using /sys/accessibility/speakup/clip or whatever to hold a > file name that could then be used and owned by a specific user but I > also understand the downside to this as was pointed out earlier in > this thread. > > I wonder if tiing this business to virtual consoles wouldn't be a bad > idea. I mean, think about it. First off, speakup would never be used > by a remote user like over ssh; at least I can't imagine such a case. > As I think about it right now, I would think that could be an > excellent way to secure this aspect. If the speakup cut/paste feature > is accessing the resource, any other users currently using the system > are mostlikely not on the virtual consoles and would probably have no > idea it was in use. >
