Process-hardening and permission-dropping as appropriate
C tor has a bunch of cute little features for hardening the process on different platforms, implemented in winprocess_sys.c, restrict.c, setuid.c and more places.
These are usually easy to apply once you know about them. We should take them in Arti. Some of these we should do unconditionally; some should live behind some kind of hardening option. An incomplete list:
- Windows: HeapEnableTerminationOnCorruption
- 32-bit Windows: SetProcessDEPPolicy
- Disabling debugger attachment via prctl/ptrace/etc.
- Disabling core dumps.
- (See also #363 for capabilities and setuid.)
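As an added illustration of two of the Linux items above (not Arti or C tor code, and not the way either project implements them), the following is a small opt-in hardening routine that zeroes the core-file rlimit and clears the process's dumpable flag, then reads both back so the caller can verify what is actually in effect. It is Linux-only: the `libc` calls are declared by hand so it builds with no extra crates, and the prctl/rlimit constants and the 64-bit `rlimit` layout are assumed Linux values. One ordering caveat worth carrying into the #363 work: the kernel resets the dumpable flag whenever the effective uid/gid changes, so the ptrace-blocking call has to come after permission-dropping, not before it.

```rust
// Added example, not Arti or C tor code: opt-in Linux process hardening for
// two items from the list above (no core dumps, no debugger attachment).
// Raw libc calls are declared here so the file builds with no external crates.
// Assumptions: Linux prctl(2)/rlimit constants and the 64-bit rlimit layout.
mod sys {
    use std::os::raw::{c_int, c_ulong};

    pub const PR_GET_DUMPABLE: c_int = 3; // <linux/prctl.h>
    pub const PR_SET_DUMPABLE: c_int = 4;
    pub const RLIMIT_CORE: c_int = 4; // <asm-generic/resource.h>

    #[repr(C)]
    pub struct Rlimit {
        pub rlim_cur: c_ulong,
        pub rlim_max: c_ulong,
    }

    extern "C" {
        fn prctl(option: c_int, ...) -> c_int;
        pub fn getrlimit(resource: c_int, rlim: *mut Rlimit) -> c_int;
        pub fn setrlimit(resource: c_int, rlim: *const Rlimit) -> c_int;
    }

    /// prctl(2) with one argument; the remaining three are zero as the man page requires.
    pub unsafe fn prctl1(option: c_int, arg2: c_ulong) -> c_int {
        unsafe { prctl(option, arg2, 0 as c_ulong, 0 as c_ulong, 0 as c_ulong) }
    }
}

fn os_err(what: &str) -> String {
    format!("{} failed: {}", what, std::io::Error::last_os_error())
}

/// Zero both core-file size limits. Lowering the hard limit is one-way for an
/// unprivileged process, so neither later code nor a child can re-enable dumps.
pub fn disable_core_dumps() -> Result<(), String> {
    let lim = sys::Rlimit { rlim_cur: 0, rlim_max: 0 };
    // SAFETY: `lim` is a valid, initialised struct that outlives the call.
    if unsafe { sys::setrlimit(sys::RLIMIT_CORE, &lim) } != 0 {
        return Err(os_err("setrlimit(RLIMIT_CORE)"));
    }
    Ok(())
}

/// Current (soft, hard) core-file size limit, used to confirm the above took effect.
pub fn core_dump_limit() -> Result<(u64, u64), String> {
    let mut lim = sys::Rlimit { rlim_cur: 0, rlim_max: 0 };
    // SAFETY: `lim` is a valid out-parameter for the duration of the call.
    if unsafe { sys::getrlimit(sys::RLIMIT_CORE, &mut lim) } != 0 {
        return Err(os_err("getrlimit(RLIMIT_CORE)"));
    }
    Ok((lim.rlim_cur as u64, lim.rlim_max as u64))
}

/// Clear the dumpable flag. With it cleared, ptrace attachment by any process
/// lacking CAP_SYS_PTRACE is refused and /proc/<pid> memory files become root-owned.
/// Ordering caveat: a uid/gid change resets this flag, so call it after dropping privileges.
pub fn disable_debugger_attach() -> Result<(), String> {
    // SAFETY: plain syscall wrapper with no pointer arguments.
    if unsafe { sys::prctl1(sys::PR_SET_DUMPABLE, 0) } != 0 {
        return Err(os_err("prctl(PR_SET_DUMPABLE)"));
    }
    Ok(())
}

/// Whether the process is still dumpable (PR_GET_DUMPABLE returns 0, 1 or 2 as its result).
pub fn is_dumpable() -> Result<bool, String> {
    // SAFETY: plain syscall wrapper with no pointer arguments.
    let rc = unsafe { sys::prctl1(sys::PR_GET_DUMPABLE, 0) };
    if rc < 0 {
        return Err(os_err("prctl(PR_GET_DUMPABLE)"));
    }
    Ok(rc != 0)
}

#[derive(Debug, PartialEq, Eq)]
pub struct HardeningReport {
    pub core_dumps_off: bool,
    pub debugger_attach_off: bool,
}

/// Apply both hardening steps and report what the kernel now says is in effect.
pub fn harden() -> Result<HardeningReport, String> {
    disable_core_dumps()?;
    disable_debugger_attach()?;
    let (soft, hard) = core_dump_limit()?;
    Ok(HardeningReport {
        core_dumps_off: soft == 0 && hard == 0,
        debugger_attach_off: !is_dumpable()?,
    })
}

fn main() {
    match harden() {
        Ok(report) => println!("hardening applied: {:?}", report),
        Err(e) => eprintln!("hardening failed: {}", e),
    }
}
```

Reading the state back rather than trusting the return codes is deliberate: a hardening option that silently did nothing (for example because a container's seccomp profile filtered the call) is worse than one that reports failure, so a real implementation should log or refuse to start when the report does not match what was requested.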
We probably don't want to implement:
- mlockall() to disable swapping