Implement sandboxing for Android Cuttlefish VM's

[marktefftech]

When launching virtual cuttlefish machines, we use the following code, which specifically disables sandboxing behavior for the Cuttlefish device:

 launch_cvd_command_line = (
      f'sudo {launch_cvd_path} --daemon --memory_mb={device_memory_mb} '
      '--report_anonymous_usage_stats=Y --enable_sandbox=true --resume=false')

We try to keep sandboxing enabled when possible since it enhances security.

The goal of this issue is to track the disablement, which is required to successfully launch the virtual devices.