use XDG_RUNTIME_DIR instead of /tmp

The issue is, that POSIX only enforces the permissions of the containing directory but not the permissions of the socket itself. This can lead to potential security issues, as the command socket is not built for untrusted input. In the case that XDG_RUNTIME_DIR is not available, a directory under /tmp is created having the correct permissions to protect the socket under it.