Yes? But it presents a much smaller attack surface (as compared to the attack surface presented by the set of applications you might otherwise run under a sandbox). And it's maintained/secured by one vendor instead of the set of vendors that distribute the applications you might otherwise run under the sandbox.
Does that include the sandbox itself, which was written in C?