Remove mention of the nacl process in content.

content/common/sandbox_policy.cc

Index: content/common/sandbox_policy.cc
===================================================================
--- content/common/sandbox_policy.cc	(revision 188116)
+++ content/common/sandbox_policy.cc	(working copy)
@@ -323,14 +323,6 @@
                            L"\\??\\pipe\\chrome.*");
   if (result != sandbox::SBOX_ALL_OK)
     return false;
-  // Allow the server side of a pipe restricted to the "chrome.nacl."
-  // namespace so that it cannot impersonate other system or other chrome
-  // service pipes.
-  result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
-                           sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
-                           L"\\\\.\\pipe\\chrome.nacl.*");
-  if (result != sandbox::SBOX_ALL_OK)
-    return false;
   // Allow the server side of sync sockets, which are pipes that have
   // the "chrome.sync" namespace and a randomly generated suffix.
   result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
@@ -820,6 +812,10 @@
     return 0;
   }
 
+#if !defined(NACL_WIN64)
+  GetContentClient()->AddPolicy(cmd_line, policy);

[cpu_(ooo_6.6-7.5), 2013/03/15 17:58:53]

how about not having this #if here and have it in the other side of the call?

[jam, 2013/03/15 18:06:33]

the problem was that the nacl win64 binary doesn't link with ContentClient.

btw i'm still trying to find a clean way of doing this :) (that's why I didn't
send it out for review yet)

+#endif
+
   if (browser_command_line.HasSwitch(switches::kEnableLogging)) {
     // If stdout/stderr point to a Windows console, these calls will
     // have no effect.