Open rdw-software opened 3 years ago
This could likely be generalized to a proper Security Manager (similar to https://wowpedia.fandom.com/wiki/Secure_Execution_and_Tainting), that also deals with Electron and IPC concerns. Addons should probably be limited, too, if not configured properly?
See also: https://codice.atlassian.net/wiki/spaces/DDF/pages/289275905/OSGi+Security+Manager
Addons could be restricted from modifying the default environment, while still having access to their own files/folders if needed, etc.
Electron has disabled this by default as of version 12. There are some alternatives here: https://stackoverflow.com/questions/44391448/electron-require-is-not-defined/57049268#57049268
Right now it doesn't matter, so I simply disabled `contextIsolation`, but I suppose sooner or later a proper solution needs to be implemented.
There should be no way to execute remote content if everything is run locally, as is the intended use case for all prototypes, but this must be fixed later (before an "official" public release). Currently, the `NODE` global exposes the NodeJS APIs we need (only `fs`), but it's not secure as any script could still `require` any other APIs they provide.

Roadmap:
See https://www.electronjs.org/docs/tutorial/security#2-do-not-enable-nodejs-integration-for-remote-content
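
One way to replace the unrestricted `NODE` global described above, as an added example that is not part of the original issue or the project's code: a preload script that keeps `contextIsolation` enabled and exposes only a folder-confined file API through Electron's `contextBridge`. The names `confine`, `createAddonFs`, `exposeToRenderer` and `demo` are hypothetical, and the temp folder used in `demo` is constructed sample data.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Resolve a caller-supplied path against root and refuse anything outside it.
// Assumption: symbolic links inside root are not resolved by this check.
function confine(root, relPath) {
  if (typeof relPath !== 'string') throw new TypeError('path must be a string');
  const full = path.resolve(root, relPath);
  const rel = path.relative(root, full);
  if (rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new Error('path escapes addon folder: ' + relPath);
  }
  return full;
}

// The only operations a renderer script or addon receives, all confined to root.
function createAddonFs(root) {
  const base = path.resolve(root);
  return Object.freeze({
    readText: (p) => fs.readFileSync(confine(base, p), 'utf8'),
    writeText: (p, data) => fs.writeFileSync(confine(base, p), String(data)),
    list: (p = '.') => fs.readdirSync(confine(base, p)),
  });
}

// Call this from the preload script. The renderer then sees window.NODE.fs
// with three functions and has no access to require or other Node APIs.
function exposeToRenderer(root) {
  let electron;
  try { electron = require('electron'); } catch (e) { return false; }
  if (!electron.contextBridge) return false; // not running inside Electron
  electron.contextBridge.exposeInMainWorld('NODE', { fs: createAddonFs(root) });
  return true;
}

// Constructed demo: a temp folder stands in for one addon's directory.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'addon-'));
  const api = createAddonFs(root);
  api.writeText('settings.json', '{"ok":true}');
  let blocked = false;
  try { api.readText('../outside.txt'); } catch (e) { blocked = true; }
  return { text: api.readText('settings.json'), files: api.list(), blocked };
}
```

Outside Electron, `exposeToRenderer` returns `false` and does nothing, so the confinement logic can be exercised with plain Node via `demo()`.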