No, it really isn't. The problem here is that greasemonkey works by injecting strings into an untrusted markup stream, when it should have been programmatically fiddling the model using priviledged APIs. Mozilla already has the the security model you recommend, but greasemonkey poked a big hole in it.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds