In /usr/bin/powerline-daemon on non-linux systems:
33 USE_FILESYSTEM = not sys.platform.lower().startswith('linux')
a predictable filename is used in /tmp
438 if USE_FILESYSTEM:
439 address = '/tmp/powerline-ipc-%d'
that allows local attackers to take over the socket by racing with the check in check_existing.

This is also a (minor) information leak possibility.

Please move the socket to /run/user/

thumbs up I think.