I've asked one of my colleagues to write a longer response to this (we may post it on the developer blog), but I'll give you a short answer in the meantime. We don't do sand-boxing - I think a look at the amount of money that's gone into NaCl shows that a startup would have no chance of pulling that off.
By being pointer-less, we block a lot of potential malicious code. If you don't have access to memory, it's hard to write anything dangerous. Our bigger concern with the plug-in is around our extension system - it allows us to include existing libraries, which of course means it's opening up to C/C++. Consequently, we force explicit install of extensions - if a developer builds a custom extensions, then the end user has to install it, the same as if you were choosing to install a local application.
By being pointer-less, we block a lot of potential malicious code. If you don't have access to memory, it's hard to write anything dangerous. Our bigger concern with the plug-in is around our extension system - it allows us to include existing libraries, which of course means it's opening up to C/C++. Consequently, we force explicit install of extensions - if a developer builds a custom extensions, then the end user has to install it, the same as if you were choosing to install a local application.