[DOCS] Document impexp user TSconfig

Add the following information to impexp documentation:

- export functionality is restricted to admin users and
  users for which the new User TSconfig option
  options.impexp.enableExportForNonAdminUser has been
  set
- export functionality poses security risk as explained
  in patch https://review.typo3.org/c/Packages/TYPO3.CMS/+/74902
- the same restrictions apply to the import functionality
  (which is not new but has not been documented)

Resolves: #97899
Releases: main, 11.5, 10.4
Change-Id: Icb16dc97505a3bbe671357555bb786705121cb67
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/75070


Tested-by: core-ci <typo3@b13.com>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>

typo3/sysext/impexp/Documentation/Usage/Export.rst

@@ -6,6 +6,21 @@
 Export
 ======
 
+The export functionality is only available for admin users and Backend
+users for which the Page TSconfig option
+:ref:`options.impexp.enableExportForNonAdminUser <t3tsconfig:useroptions-impexp-enableExportForNonAdminUser>`
+has been enabled.
+
+.. attention::
+
+    The export functionality has the following security drawbacks:
+
+    *  Export for editors is not limited on field level
+    *  The "Save to filename" functionality saves to a shared folder, which
+       other editors with different access rights may have access to.
+
+    Thus, permissions should be handed out restrictively.
+
 .. rst-class:: bignums
 
    1. Go to the export module

typo3/sysext/impexp/Documentation/Usage/Import.rst

@@ -6,6 +6,11 @@
 Import
 ======
 
+The import functionality is only available for admin users and Backend
+users for which the Page TSconfig option
+:ref:`options.impexp.enableImportForNonAdminUser <t3tsconfig:useroptions-impexp-enableImportForNonAdminUser>`
+has been enabled.
+
 .. note::
 
    Make sure that any required extensions are installed and the database scheme