fix: builtins.toFile adds path to allowedPaths

The produced path is then allowed be imported or utilized elsewhere:
```
assert (43 == import (builtins.toFile "source" "43")); "good"
```

This will still fail on write-only stores.

doc/manual/src/release-notes/rl-next.md

@@ -2,3 +2,7 @@
 
 * `nix repl` has a new build-'n-link (`:bl`) command that builds a derivation
   while creating GC root symlinks.
+
+* The path produced by `builtins.toFile` is now allowed to be imported or read
+  even with restricted evaluation. Note that this will not work with a
+  read-only store.