I would strongly recommend against disabling isolatedProcess as it would have serious, deleterious effects on security. As Primiano mentions, the isolatedProcess flag opts the process into much more restrictive SELinux policies. The isolated_app policy restricts access to Chrome's user data, access to other Binder services (which expose significant, privileged attack surface), and in some cases access to raw device nodes. The isolatedProcess flag also puts the process into a different user ID, so that it runs under a different security principal, isolating it from the main browser process (this happens pre-KitKat as well). Removing the isolatedProcess flag effectively means that the service process is not sandboxed. There is not really another option for creating a semantics layer sandbox to restrict resource access of a process on Android. It's possible stack other sandboxing technologies on top of the isolated_app SELinux sandbox, such as seccomp-bpf, to reduce attack surface; but the layer one sandbox should be this restrictive SELinux policy.