[css-sizing-3] Improve priv-sec section.

Author: fantasai

css-sizing-3/Overview.bs

@@ -1380,4 +1380,16 @@ Acknowledgments</h2>
 <h2 class=no-num id=priv-sec>
 Privacy and Security Considerations</h2>
 
-This specification introduces no new privacy or security considerations.
+	In order to support automatic layout,
+	CSS sizes boxes to fit their contents.
+	In conjunction with various [[DOM]] and [[CSSOM]] APIs
+	which can return the size of those boxes to script,
+	this can expose information about those contents.
+	However, this information is more directly and easily available
+	by inspecting the DOM for the contents,
+	rather than indirecting through the box’s size.
+	Containers that can't have their contents inspected
+	(such as cross-origin <{iframe}>s)
+	also do not expose sizing information to the outer page,
+	except insofar as [=replaced elements=] such as images
+	expose their natural size and/or aspect ratio.