Remove sandbox on Windows.

components/nacl/broker/nacl_broker_listener.cc

Index: components/nacl/broker/nacl_broker_listener.cc
diff --git a/components/nacl/broker/nacl_broker_listener.cc b/components/nacl/broker/nacl_broker_listener.cc
index 2704695a4bc3a1e038e969943f008a920962b59c..ba589714ced0266ce036e7d3005b2728fd312832 100644
--- a/components/nacl/broker/nacl_broker_listener.cc
+++ b/components/nacl/broker/nacl_broker_listener.cc
@@ -22,7 +22,6 @@
 #include "ipc/attachment_broker_unprivileged.h"
 #include "ipc/ipc_channel.h"
 #include "ipc/ipc_switches.h"
-#include "sandbox/win/src/sandbox_policy.h"
 
 namespace {
 
@@ -56,16 +55,7 @@ void NaClBrokerListener::Listen() {
 
 // NOTE: changes to this method need to be reviewed by the security team.
 bool NaClBrokerListener::PreSpawnTarget(sandbox::TargetPolicy* policy) {
-  // This code is duplicated in chrome_content_browser_client.cc.
-
-  // Allow the server side of a pipe restricted to the "chrome.nacl."
-  // namespace so that it cannot impersonate other system or other chrome
-  // service pipes.
-  sandbox::ResultCode result = policy->AddRule(
-      sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
-      sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
-      L"\\\\.\\pipe\\chrome.nacl.*");
-  return result == sandbox::SBOX_ALL_OK;
+  return true;
 }
 
 void NaClBrokerListener::OnChannelConnected(int32_t peer_pid) {
@@ -109,8 +99,7 @@ void NaClBrokerListener::OnLaunchLoaderThroughBroker(
     cmd_line->AppendSwitchASCII(switches::kProcessChannelID,
                                 loader_channel_id);
 
-    base::Process loader_process = content::StartSandboxedProcess(
-        this, cmd_line, base::HandlesToInheritVector());
+    base::Process loader_process = base::LaunchProcess(*cmd_line, base::LaunchOptions());
     if (loader_process.IsValid()) {
       // Note: PROCESS_DUP_HANDLE is necessary here, because:
       // 1) The current process is the broker, which is the loader's parent.