Comment 14 for bug 1219644

Regarding the /tmp access-- I'm guessing that TMPDIR is not being set by the process launching the confined plugin. It can be set to one of the writable directories in the 1.3.4 policy; I suggest /run/user/$USER/online-accounts-ui/@{APP_PKGNAME}_@{APP_APPNAME}/ since it is in /run and will be cleaned on reboot. If you pick this, I'll adjust the policy.