Bug 102060 - Security: PulseAudio server weakens the umask
Summary: Security: PulseAudio server weakens the umask
Status: RESOLVED FIXED
Alias: None
Product: PulseAudio
Classification: Unclassified
Component: daemon
Version: unspecified
Hardware: Other
OS: All
Importance: medium normal
Assignee: pulseaudio-bugs
QA Contact: pulseaudio-bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-06 18:43 UTC by Klaus Kusche
Modified: 2017-08-20 06:53 UTC
CC List: 1 user

See Also:



Description Klaus Kusche 2017-08-06 18:43:23 UTC
We have a strict umask 077 policy here, i.e. all files created under /home
must have 00 permissions for group and other.

However, in spite of its initial umask being 077, the pulseaudio daemon 
creates files with permissions 644 in $HOME/.config/pulse.

A quick look into the source found a umask(0022); call in src/daemon/main.c.

It may create files with more restrictive permissions than the umask says
(e.g. with 644 if the umask is 000), but it must not ignore the initial umask
or set its umask to something weaker than the initial umask,
and it must not create files with less restrictive permissions than the umask!
Comment 1 Tanu Kaskinen 2017-08-17 16:44:17 UTC
I don't understand why we set the umask at all.

If the old umask is so strict that it prevents pulseaudio from reading or writing its own files, then that would seem to me just plain broken configuration that we don't need to work around.

If the old umask is 0077, that could prevent clients from other users communicating with the server, except that it doesn't. Connections from other users are prevented anyway in the per-user mode (all created directories, including the one where the socket is, have permissions 0700), and in the system mode all directories are created with permissions 0755 regardless of the umask. The socket file is always created with permissions 0777, so all users always have access to the system mode socket.

If the old umask is overly lenient, then so what? Pulseaudio only creates files in directories that it creates, and since in the per-user mode all directories are created with permissions 0700, other users won't have access to those files anyway.

Hmm, there's one case where there could be a problem: if pulseaudio runs in the system mode, and it's started with umask 0000, then anyone can write to the state files that pulseaudio creates. I think this could be solved by setting the umask only in the system mode (the umask() call was actually added in the commit that introduced the system mode, so the original purpose seems to be system mode related anyway). While we're at it, the umask could be tightened to 0077, since the state files can reveal some slightly privacy-sensitive information that shouldn't be readable by everyone.

Setting the umask to 0077 also in the per-user case probably wouldn't do any harm, though. What possible use case is there for users to look at each others' pulseaudio state files? Maybe we should just always set it to 0077.
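As an added illustration of the behaviour discussed in the report and in this comment (this is not PulseAudio code, nor the patch that was merged): a small C program that reproduces the 0644 result of an unconditional umask(0022) under an inherited 077 mask, and shows a never-weaker-than-inherited alternative built by ORing the inherited mask with the daemon's own. The names strict_umask and perms_after_umask are my own; the test file is created in a private temporary directory under $TMPDIR or /tmp.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* ORing the inherited umask with the daemon's own keeps every bit either
 * side clears, so the result is never weaker than what was inherited. */
mode_t strict_umask(mode_t inherited, mode_t wanted)
{
    return inherited | wanted;
}

/* Create a file under `mask` the way a daemon does (mode 0666 before the
 * mask), return its permission bits (-1 on error) and clean up. The file
 * lives in a fresh private directory under $TMPDIR (or /tmp). */
int perms_after_umask(mode_t mask)
{
    char dir[4096], path[4200];
    const char *tmp = getenv("TMPDIR");
    snprintf(dir, sizeof dir, "%s/umask_demo.XXXXXX", tmp ? tmp : "/tmp");
    if (!mkdtemp(dir))
        return -1;
    snprintf(path, sizeof path, "%s/state-file", dir);
    mode_t saved = umask(mask);          /* umask() hands back the old mask */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    umask(saved);                        /* restore the caller's mask */
    int perms = -1;
    struct stat st;
    if (fd >= 0) {
        close(fd);
        if (stat(path, &st) == 0)
            perms = (int)(st.st_mode & 0777);
        unlink(path);
    }
    rmdir(dir);
    return perms;
}

int main(void)
{
    /* What src/daemon/main.c did: umask(0022) regardless of the inherited
     * 077, so a 0666 create yields 0644, as the report observed. */
    printf("umask(0022):        %04o\n", perms_after_umask(0022));
    /* Never-weaker variant: 0077 | 0022 = 0077, so the file ends up 0600. */
    printf("strict (0077|0022): %04o\n", perms_after_umask(strict_umask(0077, 0022)));
    return 0;
}
```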
Comment 2 Tanu Kaskinen 2017-08-18 03:52:47 UTC
I sent a patch to the mailing list:
https://patchwork.freedesktop.org/patch/172255/
Comment 3 Tanu Kaskinen 2017-08-20 06:53:06 UTC
The patch is now in the "next" branch. Closing bug.

