
As Mr. Patrick Walton over there said, Mozilla is still building up the exact, minimal file-system permissions. So, yes, in that way it is still not yet on quite the same level as Chrome.

In terms of security architecture, there is to my knowledge only one bigger difference left and you can change that, if you want.

The difference is that Chrome will spawn a new process for every new tab (unless the webpage in it is from the same domain as another tab). Firefox instead will always round-robin the tabs across a fixed number of processes to achieve lower RAM usage and, as a result of that, also somewhat better performance.

But you can tell Firefox to round-robin across up to 1000 processes or what have you, so that it then does spawn a new process for every new tab (and therefore sandboxes each tab individually).

To do so, go into about:config and set "dom.ipc.processCount" to a high number, like 1000.




Chrome will round-robin across processes too; it has a cap on the process count. The cap depends on things like amount of RAM. See https://www.chromium.org/developers/design-documents/process... fourth bullet.


I believe they made that change in Chrome 55:

https://v8project.blogspot.ro/2016/10/fall-cleaning-optimizi...


I guess as long as it is not the default behavior it will stay as a weakness then? I am not sure if it is worth exchanging it for a memory or performance gain.

Also, is using a thread-per-tab approach more susceptible to memory leaks, resource sharing issues or OS scheduling shenanigans than a process-per-tab approach? You close the tab, the process is dead and resources are mostly guaranteed to be returned. My knowledge of modern browsers is limited, maybe this was considered an acceptable compromise though.


Perhaps now that they are using Rust instead of C++, leaks and memory corruption should be much less of an issue.


Though the Firefox developers aren't going to skimp on sandboxing (or other exploit mitigation techniques) just because of Rust. Defense-in-depth is the name of the game; Rust just provides a layer of language-level defense that C++ previously didn't offer.



