This allows KWin to securely identify the client for a given connection,
without relying on the process name.
This patch does not do anything meaningful with the application ID other
than store it.
This first version does not support kwin restarts, it can come
afterwards.
Testing done:
With latest flatpak, running `WAYLAND_DEBUG=1 flatpak run org.telegram.desktop |& grep security`
shows that flatpak itself bound the security context, and the client did not see it advertised.