cockroach-go
security: Use `/var/tmp` safely
In a multi-user system, the testserver binary could have been written by another user and may be malicious. We should include the username in the path (either in the filename or as an intermediate directory; I think a directory might be a little safer) and verify that ownership and permissions are as expected.
@bdarnell, should we perhaps use user cache dirs instead? I.e., `$XDG_CACHE_HOME/cockroach` (default `$HOME/.cache/cockroach`) on Unix, `~/Library/Caches/Cockroach` on macOS, and `%appdir%/Cockroach` on Windows.
Yeah, maybe. Dealing with platform-specific caching directories might be easier than dealing with long-term use of /tmp/.
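The two ideas in this thread combined, as an added example that is not code from cockroach-go: a per-user directory under the user cache dir, checked for ownership and permissions before any binary in it is trusted. The helper names `verifyOwned` and `privateDir` and the directory name `cockroach` are assumptions, and the code is Unix-only because it reads `syscall.Stat_t`.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// verifyOwned (hypothetical helper): path must be a directory or regular file,
// owned by uid, with none of the permission bits in forbid set.
func verifyOwned(path string, uid uint32, forbid os.FileMode) error {
	fi, err := os.Lstat(path) // Lstat: a planted symlink is inspected, not followed
	if err != nil {
		return err
	}
	if !fi.IsDir() && !fi.Mode().IsRegular() {
		return fmt.Errorf("%s: unexpected file type %v", path, fi.Mode().Type())
	}
	st, ok := fi.Sys().(*syscall.Stat_t)
	if !ok || st.Uid != uid {
		return fmt.Errorf("%s: not owned by uid %d", path, uid)
	}
	if bad := fi.Mode().Perm() & forbid; bad != 0 {
		return fmt.Errorf("%s: permission bits %#o are too open", path, bad)
	}
	return nil
}

// privateDir (hypothetical helper) creates parent/name as 0700 if missing, then
// verifies it whether or not this process was the one that created it.
func privateDir(parent, name string) (string, error) {
	dir := filepath.Join(parent, name)
	if err := os.Mkdir(dir, 0o700); err != nil && !os.IsExist(err) {
		return "", err
	}
	if err := verifyOwned(dir, uint32(os.Getuid()), 0o077); err != nil {
		return "", err
	}
	return dir, nil
}

func main() {
	cache, err := os.UserCacheDir() // $XDG_CACHE_HOME or $HOME/.cache on Unix
	if err != nil {
		panic(err)
	}
	dir, err := privateDir(cache, "cockroach") // directory name is an assumption
	fmt.Println(dir, err)
}
```

The same `verifyOwned` call with `forbid` set to `0o022` can be applied to the downloaded binary itself before it is executed.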