[meta] Improve Tor Browser Content Process Sandbox
This ticket is specifically for tightening the content process sandbox.
An attacker who achieves code execution inside the content process sandbox should not be able to achieve the most valuable goals (proxy bypass/persistent user identifier) inside the content process and should instead need a sandbox escape.