Securing the user's personal dats

[pfrazee]

We need to make sure the private/public dats can't have html/js written which then does something ugly to the user's data.

Some ideas:

• The private dat maybe shouldn't execute HTML/JS at all, because it creates a huge data-exfiltration risk. It also shouldn't allow CORS.
• Perhaps the public dat should have reduced privileges. For instance, it should not be allowed to self-modify.
• We could remove the ability of apps to write html/js, though that does stop "website making apps" from working on the user's website.