Revert "Make --nofilesystem=host/home remove access to subdirs of those"

This caused regressions for some previously-working use cases. For
example, some Flatpak users previously used a global
`flatpak override --nofilesystem=home` or
`flatpak override --nofilesystem=host`, but expected that individual apps
would still be able to have finer-grained filesystem access granted by the
app manifest, such as Zoom's `--filesystem=~/Documents/Zoom:create`. With
the changes in 1.12.3, this no longer has the desired result, because
`--nofilesystem=home` was special-cased to disallow inheriting the
finer-grained `--filesystem`.

This reverts commit 445bddeee657fdc8d2a0a1f0de12975400d4fc1a.

This reverts the initial solution to CVE-2022-21682, which we intend to
resolve differently, by introducing a new feature in Flatpak and making
use of it in a new flatpak-builder version.

Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 917a7f5870bad7b58a964e14a133425315454a6f)