Yes? But it presents a much smaller attack surface (as compared to the attack surface presented by the set of applications you might otherwise run under a sandbox). And it's maintained/secured by one vendor instead of the set of vendors that distribute the applications you might otherwise run under the sandbox.