[icebraining]

Depends on what JS it is. Obviously websites can't, but a huge part of Firefox is coded in JS, which runs with high privileges. It's perfectly possible that tab specific trusted JS code (including possibly extensions code) wasn't compartmentalized and now is.

[tptacek]

Sure! Just keep in mind that a lot of that "trusted JS" is actually just a thin wrapper around C/C++ code, and the C/C++ code tends to be where the problems arise.