Trim and explain set of safe forms for 'unsafep' (bug#44018)

* lisp/emacs-lisp/unsafep.el:
Add comment explaining the policy for which forms can be considered
'safe' in the sense of unsafep.  Remove ones that didn't make the cut:

 play-sound-file (large attack surface)
 catch, throw (alter program flow, inject data)
 replace-regexp-in-string (execute arbitary code)
 error, signal (deceptive messages)

* test/lisp/emacs-lisp/unsafep-tests.el (unsafep-tests--unsafe):
Add test cases.
* etc/NEWS: Announce the change.

0 files changed, 0 insertions, 0 deletions