Remove mention of the nacl process in content.

chrome/nacl/nacl_exe_win_64.cc

Index: chrome/nacl/nacl_exe_win_64.cc
===================================================================
--- chrome/nacl/nacl_exe_win_64.cc	(revision 188116)
+++ chrome/nacl/nacl_exe_win_64.cc	(working copy)
@@ -20,10 +20,26 @@
 #include "content/public/app/startup_helper_win.h"
 #include "content/public/common/main_function_params.h"
 #include "content/public/common/sandbox_init.h"
+#include "sandbox/win/src/sandbox_policy.h"
 #include "sandbox/win/src/sandbox_types.h"
 
 extern int NaClMain(const content::MainFunctionParams&);
 
+namespace {
+// This code is duplicated in chrome_browser_main_win.cc.
+void AddPolicyCallback(CommandLine* cmd_line,
+                       sandbox::TargetPolicy* policy) {
+  // Allow the server side of a pipe restricted to the "chrome.nacl."
+  // namespace so that it cannot impersonate other system or other chrome
+  // service pipes.
+  sandbox::ResultCode result = policy->AddRule(
+      sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
+      sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
+      L"\\\\.\\pipe\\chrome.nacl.*");
+  CHECK(result == sandbox::SBOX_ALL_OK);
+}
+}
+
 // main() routine for the NaCl broker process.
 // This is necessary for supporting NaCl in Chrome on Win64.
 int NaClBrokerMain(const content::MainFunctionParams& parameters) {
@@ -63,6 +79,8 @@
   if (command_line.HasSwitch(switches::kEnableLogging))
     base::RouteStdioToConsole();
 
+  content::SetSandboxedProcessStartingCallback(base::Bind(AddPolicyCallback));
+
   // Initialize the sandbox for this process.
   bool sandbox_initialized_ok = content::InitializeSandbox(&sandbox_info);
   // Die if the sandbox can't be enabled.