The question is whether iOS is ready to run truly untrusted code. So far only web demonstrated proper sandbox which is rarely penetraded. Take Linux server for example, only few days ago sudo bug was found which could be used to escalate user privileges to root.
I'm not iOS expert, but the mere fact that there's private API which is forbidden to use by ordinary apps but that's only implemented by some static code checking rather than by OS means that iOS does not have proper security model ready to withstand arbitrary code execution.
I'm not iOS expert, but the mere fact that there's private API which is forbidden to use by ordinary apps but that's only implemented by some static code checking rather than by OS means that iOS does not have proper security model ready to withstand arbitrary code execution.