App sandboxing
Also known as: sandbox, app isolation, sandboxed app
App sandboxing isolates each app in its own restricted container so it can only touch its own files and the data you explicitly allow — not other apps or the rest of the system. It is a core reason phone apps are hard to weaponize against each other.
- Each app is isolated in its own container
- Cross-app access requires system-enforced permissions
- Limits the blast radius of a compromised app
How the sandbox works
Each app gets a private area of storage and runs with limited privileges. By default it can read and write only its own container; reaching anything else — your photos, contacts, or another app’s data — requires going through system APIs that enforce your app permissions.
This containment is why uninstalling an app cleanly removes its data, and why a misbehaving or malicious app cannot quietly rummage through the rest of your device.
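The container rule described above, sketched as a small policy model. This is an added example, not code from any mobile OS; `SandboxPolicy`, its method names, the app names, and the `/data/containers` path are hypothetical and constructed for illustration.

```python
import posixpath

CONTAINER_ROOT = "/data/containers"  # constructed path, not a real OS layout


class SandboxPolicy:
    """Toy reference monitor modelling the rule above; not any real OS's code."""

    def __init__(self):
        self.grants = {}  # app_id -> resources the user has allowed

    def container_of(self, app_id):
        return posixpath.join(CONTAINER_ROOT, app_id)

    def can_access_file(self, app_id, path):
        """Direct file access is allowed only inside the caller's own container."""
        home = self.container_of(app_id)
        # Normalise before comparing so "../" cannot step out of the container.
        # (A real kernel also resolves symlinks; this model works on strings.)
        resolved = posixpath.normpath(posixpath.join(home, path))
        # Compare with a trailing separator so "cleaner" does not match "cleaner2".
        return resolved == home or resolved.startswith(home + "/")

    def grant(self, app_id, resource):
        self.grants.setdefault(app_id, set()).add(resource)

    def can_use_resource(self, app_id, resource):
        """Shared data (photos, contacts) is reached only through a permission check."""
        return resource in self.grants.get(app_id, set())

    def uninstall(self, app_id, all_files):
        """Dropping the container removes the app's data and grants; return the rest."""
        home = self.container_of(app_id)
        self.grants.pop(app_id, None)
        return [f for f in all_files if not f.startswith(home + "/")]


if __name__ == "__main__":
    policy = SandboxPolicy()
    for p in ["cache/tmp.bin", "../bank/db.sqlite", "/data/containers/cleaner2/x"]:
        print(p, "->", policy.can_access_file("cleaner", p))
    print("photos before grant:", policy.can_use_resource("cleaner", "photos"))
    policy.grant("cleaner", "photos")
    print("photos after grant:", policy.can_use_resource("cleaner", "photos"))
```

The two denied paths are the cases a path check most often gets wrong: a relative `../` escape and a sibling container whose name shares a prefix with the caller's.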
What it means for storage and privacy
Sandboxing shapes how storage is cleaned: an app can clear its own cache and files but cannot reach into another app’s container, so there is no all-powerful "clean everything" app on iOS. Tools work within what the system exposes: your photo library, files you share into them, and their own data.
It also limits damage. Even if one app is compromised, the sandbox keeps it from reading the data of others, which is a key part of why mobile platforms are generally safer than open desktop environments.