
fix: write CA certs to XDG_RUNTIME_DIR for per-user isolation #22

Open
cfis wants to merge 1 commit into onecli:main from cfis:fix/per-user-cert-paths

cfis commented May 1, 2026

writeCaCertificate and buildCombinedCaBundle write to tmpdir() (/tmp/onecli-proxy-ca.pem, /tmp/onecli-combined-ca.pem), which is shared system-wide on Linux. Two users running OneCLI on one host clobber each other's cert files — last writer wins, the other user's containers trust the wrong CA.

This switches both writers to process.env.XDG_RUNTIME_DIR ?? tmpdir(). XDG_RUNTIME_DIR is /run/user/<uid>/ on Linux user sessions — already per-user, already cleaned up on logout. The fallback to tmpdir() preserves existing behavior on macOS/Windows and on Linux without an XDG runtime dir set.

cfis force-pushed the fix/per-user-cert-paths branch from ec821a5 to b648163 on May 19, 2026 05:54

cfis commented May 19, 2026

Rebased to current main (v1.0.0+). The fix still applies cleanly. Motivation: two users running independent OneCLI gateways on the same host both call writeCaCertificate, which writes to tmpdir() (/tmp) — a system-wide path. Whoever spawns a container last wins; the other user's gateway hands containers the wrong cert and TLS handshakes fail. XDG_RUNTIME_DIR is per-user on Linux (/run/user/<uid>) and isolates the two writes. Falls back to tmpdir() on macOS/Windows where the env var isn't set. Verified end-to-end on a shared-host install today; happy to address any review feedback.
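
The directory selection discussed in this thread, as an added example that is not part of the pull request or the OneCLI code base. It goes one step further than `process.env.XDG_RUNTIME_DIR ?? tmpdir()`: it checks that the chosen directory is owned by the current user and closed to others, and when the variable is unset it uses a per-user subdirectory of the temp dir. The helper names and the `onecli-<uid>` directory name are assumptions.

```javascript
// Added example. resolveCertDir, isPrivateDir and writeCertAtomic are
// hypothetical helper names, not functions from the OneCLI code base.
const crypto = require("node:crypto");
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// True when `dir` is a real directory (not a symlink), owned by `uid`, with
// no group/other permission bits. Windows has no uid, so only the type is checked.
function isPrivateDir(dir, uid) {
  let st;
  try {
    st = fs.lstatSync(dir);
  } catch {
    return false;
  }
  if (!st.isDirectory()) return false;
  if (uid === undefined) return true;
  return st.uid === uid && (st.mode & 0o077) === 0;
}

// Prefer XDG_RUNTIME_DIR, but only after checking it. Otherwise use a
// per-user 0700 subdirectory of the temp dir instead of the shared root.
function resolveCertDir(env = process.env, uid = process.getuid?.(), tmpBase = os.tmpdir()) {
  const runtimeDir = env.XDG_RUNTIME_DIR;
  if (runtimeDir && isPrivateDir(runtimeDir, uid)) return runtimeDir;
  const owner = uid ?? os.userInfo().username;
  const fallback = path.join(tmpBase, `onecli-${owner}`); // assumed naming scheme
  fs.mkdirSync(fallback, { recursive: true, mode: 0o700 });
  // A directory pre-created by another account fails this check.
  if (!isPrivateDir(fallback, uid)) {
    throw new Error(`${fallback} is not private to the current user`);
  }
  return fallback;
}

// Write to a unique temp name and rename, so a reader never sees a partial
// bundle. The certificate is public, so 0644 is fine: the private directory
// protects integrity, not secrecy.
function writeCertAtomic(dir, name, pem) {
  const target = path.join(dir, name);
  const tmp = `${target}.${crypto.randomBytes(6).toString("hex")}.tmp`;
  fs.writeFileSync(tmp, pem, { mode: 0o644, flag: "wx" });
  fs.renameSync(tmp, target);
  return target;
}
```
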
