Add notice regarding deploy.php's use of `shell_exec`

[Nightfirecat]

Not all systems will have this enabled, and it is a risky feature for shared environments to use. The readme should reflect this.

[Nightfirecat]

The script should also probably make a check for this. If a system has shell_exec() disabled, we shouldn't be trying to run it.

[Nightfirecat]

I'm highly considering scrapping this, and just rewriting the shell portion as an actual shell script, and using proc_open() to bypass this glaring security vulnerability.