Comment 17 for bug 1224756

For the broader concept of PulseAudio and security, the native protocol of PulseAudio was not built with security in mind, if you by security mean that some connected clients should be able to do some things, and other connected clients should be able to do other things. Right now, as soon as you have a connection to the server, you can do everything from recording audio to mute other applications.

Implementing a limited client in PulseAudio is of course possible, but needs quite a bit of work, and lots of careful thought not to leave anything open security wise.

I haven't been following the discussions around the Touch security stuff much, and I don't know what trust-store is. So maybe I would need some introduction, and then we need to brainstorm a bit on the topic and see what we come up with?