Changes

The basis of the Firefox process sandboxing is that untrusted web content is loaded in untrusted Content Process, separated from the parent Chrome process which acts a broker to access privileged OS functionality and data. Content processes execute in a sandbox which limits the system privileges so that if a malicious web page manages exploits a vulnerability to execute arbitrary code it will be unable to compromise the underlying OS.

[[File:Sandbox Hardening.png|thumbnail]]

'''Open Questions'''

* What other things fall into the same category (is there a better name for this?)

=== IPDL ===

See bug https://bugzilla.mozilla.org/show_bug.cgi?id=1041862