On Linux, as of Firefox 60, Firefox now uses Linux namespaces to isolate the various processes it starts from the rest of the system, where supported. https://wiki.mozilla.org/Security/Sandbox#Linux This is the same approach taken by Chromium. I can't say anything for certain about other operating systems, haven't really looked into it.

I suppose that doesn't answer the question of whether pdf.js specifically runs inside one of the sandboxed processes, but it seems very likely that it does.