Implement GetSandboxType() on all platforms and implement for all process types.

chrome/browser/chrome_content_browser_client.cc

Index: chrome/browser/chrome_content_browser_client.cc
diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index 3e860c04cca41b8465ad049fa05585051f5ae9de..dc89ef7bb83654228412a4f0ce9175d0ff5fdf51 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -121,6 +121,7 @@
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/child_process_host.h"
 #include "content/public/common/content_descriptors.h"
+#include "content/public/common/sandbox_type.h"
 #include "content/public/common/service_registry.h"
 #include "content/public/common/url_utils.h"
 #include "content/public/common/web_preferences.h"
@@ -2331,6 +2332,32 @@ const wchar_t* ChromeContentBrowserClient::GetResourceDllName() {
   return chrome::kBrowserResourcesDll;
 }
 
+base::string16 ChromeContentBrowserClient::GetAppContainerSidForSandboxType(
+    int sandbox_type) const {
+// TODO(wfh): Create specific SID for each channel.
+#if defined(GOOGLE_CHROME_BUILD)
+  const wchar_t kAppContainerPrefix[] =
+      L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-"
+      L"924012148-";
+#else
+  const wchar_t kAppContainerPrefix[] =
+      L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-"
+      L"924012149-";
+#endif
+  base::string16 sid(kAppContainerPrefix);
+
+  // Only PPAPI and renderer processes enjoy being inside App Containers at the
+  // moment.
+  switch (sandbox_type) {
+    case content::SANDBOX_TYPE_RENDERER:
+      return sid + L"129201922";
+    case content::SANDBOX_TYPE_PPAPI:
+      return sid + L"129201924";
+  }
+
+  return base::string16();
+}
+
 void ChromeContentBrowserClient::PreSpawnRenderer(
     sandbox::TargetPolicy* policy,
     bool* success) {