The thing is, what apple is trying to do is less like micromanaging or controlling, and more like setting rules and regulations to ensure quality of the apps. When a product is made, before it is released it usually has to pass certain tests to ensure it is of high quality this is no different.
What apple wants is for each "process" within an "App" to only have access the exact resource it requires. All it means is that each "process" will not have access to everything that the "application" has access to. this way all processes are harder to exploit, (which is how hackers install virus' ect) also allowing each process to be shared out between cores on a computer increasing efficiency and speed of the app running. it also means if any of these "processes" crash, the "App" can keep running and the "processes" can be restarted, reducing the probability of crashes.
for example
"A process that's decoding video probably doesn't need any access to the file system, the network, the built-in camera and microphone, and so on. It just needs to accept a stream of bytes from its parent process (which, in turn, probably used Powerbox to gain the ability to read those bytes from disk in the first place) and return a stream of decoded bytes. Beyond this simple connection to its parent, the decoder can be completely walled off from the rest of the system. Now, if an exploit is found in a video codec, a malicious hacker will find himself in control of a process with so few privileges that there is little harm it can do to the system or the user's data."
http://arstechnica.com/apple/reviews...os-x-10-7.ars/
As for accessing the rest of the system
"Apple has chosen to solve this problem by providing heightened permissions to a particular class of actions: those explicitly initiated by the user. Lion includes a trusted daemon process called Powerbox (pboxd) whose job is to present and control open/save dialog boxes on behalf of sandboxed applications. After the user selects a file or directory into which a file should be saved, Powerbox pokes a hole in the application sandbox that allows it to perform the specific action".
http://arstechnica.com/apple/reviews...os-x-10-7.ars/
it just means that the app will require the "USER" to request access then an entirely different sandboxed process (Powerbox) will access other file systems for the app. which makes it even harder for hackers to exploit apps to install virus' ect. only downside is that developers will have to work a lot harder, which is to be expected if the developer wants a more secure, more efficient and all in all better App
what apple is trying to do is eradicate sloppy coding and i think its a great idea, and will set a new standard for developing in the industry.
some people might say taking a low of lower level stuff out of developers hands is restrctive and can make them lazy as they dont have to worry so much. but That's only true if you assume apple does not provide substitue ways of doing the things you speak of. Just how apple has provided a way for apps to access files, it's also possible for apple to create new ways of doing everything the old apps used to do. I doubt Apple's end goal is to remove all useful functionality to apps.
as for dumbing down developing, think about it when everything was coded in machine code, the developer had to think about so much that they never had the time or resource to implement the sort of features we have now. its only because of great libraries, API's, and innovative coding sofware which removes all of the hassle that apps are able to do so much now.
so in that respect , by developers "being lazy" about doing stuff which the OS can handle like security and threading (which can now be handled by Apple's GCD) , it allows them to concentrate on innovating. rather than coding.