santa
Document transitive allowlisting limitations
Transitive allowlisting is a powerful feature to allow developers to live in LOCKDOWN mode. However, there are certain limitations in the current implementation that developers need to be aware of to ensure the feature can work properly.
This largely means that Santa must be given a (brief) opportunity to create a transitive rule before any resultant binary is executed.
Solving this completely is likely not desirable. It would require a large amount of synchronization between Santa's event stream processing compiler operations and the event stream responsible for authorizing execs. This would require a lot of contention that would likely degrade build performance in unacceptable ways.