Made setting lowbox token a warning.

sandbox/win/src/target_process.h

Index: sandbox/win/src/target_process.h
diff --git a/sandbox/win/src/target_process.h b/sandbox/win/src/target_process.h
index 384f2c18bc1d854269665d92163161d7f8c7e7fd..70b7b32c30e78aaacda6ce3e400e7ed377f860df 100644
--- a/sandbox/win/src/target_process.h
+++ b/sandbox/win/src/target_process.h
@@ -40,7 +40,6 @@ class TargetProcess {
   // and |lowbox_token|.
   TargetProcess(base::win::ScopedHandle initial_token,
                 base::win::ScopedHandle lockdown_token,
-                base::win::ScopedHandle lowbox_token,
                 HANDLE job,
                 ThreadProvider* thread_pool);
   ~TargetProcess();
@@ -60,6 +59,11 @@ class TargetProcess {
                     base::win::ScopedProcessInformation* target_info,
                     DWORD* win_error);
 
+  // Assign a new lowbox token to the process post creation. The process
+  // must still be in its initial suspended state, however this still
+  // might fail in the presence of third-party software.
+  ResultCode AssignLowBoxToken(const base::win::ScopedHandle& token);
+
   // Destroys the target process.
   void Terminate();
 
@@ -114,9 +118,6 @@ class TargetProcess {
   // The token given to the initial thread so that the target process can
   // start. It has more powers than the lockdown_token.
   base::win::ScopedHandle initial_token_;
-  // The lowbox token associated with the process. This token is set after the
-  // process creation.
-  base::win::ScopedHandle lowbox_token_;
   // Kernel handle to the shared memory used by the IPC server.
   base::win::ScopedHandle shared_section_;
   // Job object containing the target process.