* Unrestricted read access to the local file system in order to load file:// URIs
* Remote content must never be loaded as the top level (remote content must load in the web content process)
** Documents loaded form file:// URIs can load remote content though (see issue 1 below).
* Otherwise the same exceptions as a web content process
'''Open Issues'''
1. # The file content process is currently allowed to access remote content, and this is likely to remain as conceptually locally hosted webpages may legally request remote resources. A remote attacker able to coerce the browser to initiate the File Content process to load a nested resource such as iframe, would be able to bypass the file read restrictions of the Web Content Sandbox. We need to ensure that this is not possible.2. # What is the file access policy for the WebExtension process? Can we increase restrictions of the content process sandbox post-depreciation of old-style addons?
=== Network connectivity ===
