Wait wut?! An app can't bypass safe guards built into the OS unless there is an exploit. If there is an exploit, then any app--whether it's from the official store or sideloaded--can exploit the vulnerability. Y'all can stop repeating Apple's FUD/propaganda.
Android requires the user to grant permission to the app at least once if it wants to access. You have to give it access, or Android will block its access. If Android can restrict an app's access, iOS can as well.
The beauty of sideloading is you can install older versions of the app that doesn't demand unnecessary access. A lot of gallery apps on the PlayStore wants access to my contact list, microphone, camera and network. Oh, hail no. I'm using the old version that only want access to my storage. The only thing the gallery app needs to access is my photos, so that's all I'm gonna give it access to. Old versions are often times much, much better than the new versions.
With Apple, if you want to use the old version, y'all
SOL.