Ownership and security are at odds. The only remedy would be forcing Apple to allow the owner of the device to run whatever they would like on it, unfortunately this does include malware.
In the broadest sense, an app that "can not cause harm" can't do anything useful. To the industry's dominant players, "causing harm" means empowering the user to venture outside their walled gardens... or even to see outside them.
So, no, sandboxing everything in sight isn't a useful solution. Your sandbox will just imprison us all.
The secure solution is to treat every app as malicious and put it in a sandbox where it can not cause harm. See also Android and ChromeOS.