Use cases involving running of test suites and doc generation require
more liberal ownership and read/write permission to application files.
When runs.insecurely is set to true, the effective runtime user will
be lives.as, the same user that owns the application files and
D999 is a complement to this change to allow restrictions on this and
other potentially sensitive configuration.