Access Control
Access control is needed on pulse for sandboxing, and for a better systemd-wide mode support. Right now, applications can spy on on other apps audio streams using the monitor commands.
For example, we can listen to other applications audio streams simply by doing:
$ pactl list sinks
Sink #0
State: RUNNING
Name: alsa_output.usb-Logitech_Inc._Logitech_USB_Headset_H340-00.analog-stereo
Description: Headset H340 Analog Stereo
...
Sink #1
State: IDLE
Name: alsa_output.pci-0000_00_14.2.analog-stereo
Description: Built-in Audio Analog Stereo
$ parec --file-format=wav -d alsa_output.usb-Logitech_Inc._Logitech_USB_Headset_H340-00.analog-stereo.monitor snooped-audio.wav
Moreover, we can suspend any sink, thus effectively force-muting all audio by simply using:
$ pactl suspend-sink alsa_output.usb-Logitech_Inc._Logitech_USB_Headset_H340-00.analog-stereo 1
And the list goes on. These features are termendously helpful, but they were created in the era when security was done per user rather than per application. PulseAudio needs to modernize a bit in this area.