WIP: Adding check for bucket sniping

[tweedge]

Hey y'all, wanted to circle around on #142 - this is a WIP PR which adds a "may_be_internet_accessible" check to policies/statements for inconclusive checks, as opposed to "is_internet_accessible" which is definite.

I'll be totally honest, I don't really feel like doing this in policy.py/statement.py is the right choice, as this starts to overload the class and could be a pain. Especially if more is added down the line, such as checking for ForAllValues conditions which could fail open (i.e. optional keys, which could be a null set).

I think splitting policy 'advisories' as it were to a new file might be helpful, though that would take some re-architecting, and I'm happy to pursue a demo of that as well.

It's also totally acceptable to say "Holy scope creep, Batman! This is going to be more trouble than it's worth, let's hold off" :)

[tweedge]

Holy bad UX, this was not merged, GitHub.

FYI: I force pushed on my own repo to get up to date and willingly discarded the proposed change (unneeded/not a great solution). Apparently GitHub shows this as a completed merge. No change was made.