New ruleset: use least privilege if possible when calling `SetBindings`

[thypon]

When creating a WebUI, it is crucial to establish the principle of least privilege. One way to do this is by setting the bindings policy to BINDINGS_POLICY_NONE. This policy disallows connections to the browser process, reducing the potential attack surface.

Cc @diracdeltas

Reference: https://source.chromium.org/chromium/chromium/src/+/main:content/public/browser/web_ui.h;l=78;drc=719c18366c0226fa751f38693b00f822d1b7ea9b;bpv=1;bpt=1