Fix security issues from audit

[Floppy]

Fix issues that came out of #1678. Full report is at https://git.radicallyopensecurity.com/nlnet/ngie-manyfold/-/jobs/127613/artifacts/file/target/report_ngie-manyfold.pdf

High

• [x] #2234

Elevated

• [x] #2235
• [x] #2236

Moderate

• [x] #2237
• [x] #2238
• [x] #2239
• [x] #2240
• [x] #2241

Low

• [x] #2242
• [x] #2243
• [x] #2244

NLNet milestone 4.5

[Floppy]

A lovely followup note from our pentester, who can't post it as themselves:

I am the pentester who conducted the security assessment for this project, I'm impressed by the comprehensive list of resolved issues presented here. It's encouraging to see that nearly all identified vulnerabilities appear to have been addressed. While I haven't verified these fixes through retesting, the extensive changes documented and the detailed nature of this update are highly promising. I commend @Floppy 's efforts in prioritizing security and implementing these improvements. Great work on enhancing the project's security posture!

[Floppy]

2242 will be closed as part of the library storage rewrite that is happening imminently as part of #1670