
[doc] Add additional documentation around the use of submodules

What does this MR do?

This MR adds documentation to the runners' "security for self-managed runners" section warning about the possible vulnerabilities with git submodules.

Why was this MR needed?

The fix suggested in the ticket (implemented in !3668 (closed)) to delete the submodules is not sufficient because of the way git stores submodule contents. Short of deleting build directories for every build (which amounts to removing the GIT_STRATEGY=fetch config option), this is about all we can do.

What's the best way to test this MR?

N.A.

What are the relevant issue numbers?

gitlab#359039 (closed)
