Support an amnesiac profile directory.
The basic idea is to copy the profile directory into a new tmpfs mount inside the container on each launch so that even if Firefox writes evil to it, said evil will be non-persistent.
The drawback is that this applies to bookmarks and preferences, so it can't be the default behavior, but as an "improve security" option, it's easy to do.
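
A sketch of the copy-on-launch step described above, as an added example that is not part of the original issue or the project's own code. The function names, the `/run/amnesiac` mount point, the mount options and the `AMNESIAC_REQUIRE_TMPFS` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: names, paths and the AMNESIAC_REQUIRE_TMPFS knob are hypothetical.
# The launcher is assumed to have created the mount inside the container first, e.g.
#   mount -t tmpfs -o size=256m,mode=700,nosuid,nodev tmpfs /run/amnesiac

# is_tmpfs DIR: succeed only if DIR is itself a tmpfs mount point (Linux /proc/mounts).
is_tmpfs() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 1
    awk -v d="$dir" '$2 == d && $3 == "tmpfs" { ok = 1 } END { exit !ok }' \
        /proc/mounts 2>/dev/null
}

# stage_profile SRC DST: copy the saved profile SRC into DST/profile, print that path.
stage_profile() {
    src=$1 dst=$2
    [ -d "$src" ] || { echo "no saved profile at $src" >&2; return 1; }
    [ -d "$dst" ] || { echo "no mount point at $dst" >&2; return 1; }
    # Fail closed: staging onto disk would make browser writes persistent again.
    if [ "${AMNESIAC_REQUIRE_TMPFS:-1}" = 1 ] && ! is_tmpfs "$dst"; then
        echo "$dst is not a tmpfs mount, refusing to stage" >&2
        return 1
    fi
    staged=$dst/profile
    rm -rf "$staged" && mkdir "$staged" || return 1
    # Copy, never bind-mount or symlink: the browser only gets the throwaway copy.
    cp -a "$src"/. "$staged"/ || return 1
    chmod 700 "$staged" || return 1
    # Lock files saved with the profile would make the copy look like it is in use.
    rm -f "$staged/lock" "$staged/.parentlock"
    printf '%s\n' "$staged"
}

# launch_amnesiac SRC DST: stage a fresh copy, then start the browser on it.
launch_amnesiac() {
    p=$(stage_profile "$1" "$2") || return 1
    exec firefox --no-remote --profile "$p"
}
```

Because the saved profile is only ever read, bookmarks and preferences changed during a session are discarded along with anything else written to the copy, which is the drawback noted above.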