Improve the disk leak sanitization on start-$browser

We received this user feedback:

[...]

With commands "# Prevent disk leaks in $HOME/.local/share (tor-browser#17560 (closed))"
You totally removed my folder "/home/USERX/.local/share"

Why:
"Mullvad/Browser/.local" folder in my config is a symlink to my real "home/USERX/.local".

[...]

While this user was running an unsupported configuration, I think it highlights that we have some room for improvement:

1. we can check realpath first: if it's outside the Browser directory, we bail
2. we make that delete more precise (i.e., we remove only the relevant GTK files)