Ensure unwanted enviorment variables are removed from the actual
global environment rather than just the `$_ENV` superglobal variable
Disable stream wrappers, as this is an unexpected feature for most
developers and can be exploited. For instance, `phar://` can be used
to override any class and thus provide code execution (through
`__wakeup` or `__costruct`, for instance). Not a complete solution, as
`php://` can also be abused, but we can't disable it as it gets used
_somewhere_ in our dependencies
Fixed minor issues with Commong:config of env not being included and ported to local social yaml
Fixed some regressions introduced with [CORE] Unset sensitive information from the environment
This has the benefit of requiring fewer code changes, as well as providing a better isolation
between GNU social and symfony, useful in case the framework needs to be changed
Advantages:
* Increases security by preventing direct access to file/
* We are careful and have a defined('GNUSOCIAL') || die() to prevent
direct access to GS files, but we may miss one or a vendor/extlib may
not be as careful
* Improves directory structure - It's more natural to physically
separate what is public from what are GNU social resources