Currently sandbox policy does not allow filesystem rules to be placed onto directories that contain reparse points in the paths.

This is implemented in PreProcessName in src/filesystem_policy.cc

We could consider relaxing this policy as Windows now blocks non writable mount points from sandboxes so the original risks are not as worrisome as before.

This has benefit of sandbox intercepts working fully on machines using e.g. user profile disks on RDS e.g. issue 413889