fs-mistrust needs more flexibility for tor-rpc-connect

While working on tor-rpc-connect, I find that I want some additional functionality from fs-mistrust:

• The optional ability to open a path from within a CheckedDir even if that path is a symlink. (This might require additional checking.) (need)
• The ability to create world-readable files (mode 0644). (need)
• The ability to open/read/write a path without creating a CheckedDir.
• The ability to cleanly check the parent of a path in preparation for writing to it.
• An equivalent to write_and_replace that returns a File-like object.

The items marked with need are actually required; the others are merely desirable.