Run credentialsd as a separate user #88
Description
We need to move credentialsd to run as a separate system user in order to store files on behalf of the user without malicious applications running in the user's session being able to read them directly.
This will require moving credentialsd to run on the D-Bus system bus instance and setting up policies only to allow the system user.
This also means that the credentialsd service will have to check the UID of the caller to determine which files to serve.
We didn't do this at first to make initial development easier. Any pointers on how to develop services on the system bus without constantly being prompted for sudo access to install are appreciated. (Maybe that's just the solution.)