Restrict Certain OLE Data Coming in From Different Processes

[lonitra]

Drag/drop or cut/paste items from one process to another can occur and there is no restrictions in place at the moment. We should consider adding the ability to avoid deserializing binary formatted OLE items unless source originated from in process via a switch. The key points to check at for whether the data came from a different process would be in Clipboard.GetDataObject and DropTarget.CreateWinFormsDataObjectForOutgoingDropData as these will occur before we pass the data back out to the user.
As part of this we should understand what OLE already does/does not allow e.g. is pasting/dropping allowed from elevated process to non-elevated? Vice versa? Etc. We should also determine whether the switch should be by default on or not.