Er... Isn't the issue that you're trying to read a directory that's an ancestor of the file in question? That's not allowed by security policy in Firefox 3, and doesn't seem to be related to bug 397828 to me.
Thank you for your time, and for the link. I was attempting to do something which is forbidden with very good cause by default in Firefox 3, and only after a lot of discussion. My desire was to enumerate images for display without hard-coding the names of each file in html, and this same mechanism could be used to access other information on the hard drive (the Firefox security policies for instance). The mechanism can still be useful, just not for files on the local hard drive. Bypassing this security feature through security.fileuri.strict_origin_policy for local html testing works, and it is understandably not recommended.
You need to log in before you can comment on or make changes to this bug.