Starting with version 10.5 of its desktop OS, Apple has allowed developers to voluntarily remove functionality from their applications using a set of pre-defined profiles — nixing network access, or the ability to write to the filesystem, for example — as a way to limit the damage an app could do should it be compromised in the wild. CoreLabs Research has discovered a way to route around these limits: using Apple Events, a given application can launch other applications that don't have the same restrictions in place. Imagine an application that's been specifically prohibited from accessing the Internet being able to launch a fully-functioning Safari, and you'll get the idea.
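To make the gap concrete, here is an added illustration (not code from the article, from Apple, or from CoreLabs) in the profile language that `sandbox-exec(1)` reads on OS X 10.5 and later. The first profile mirrors the pre-defined "no network" restriction the article describes: it blocks sockets but leaves the process free to send Apple Events, which is the channel the bypass uses. The second profile adds an explicit denial of Apple Event sending. The operation names are the ones the sandbox language defines; that this single rule closes every launch path on a given OS release is an assumption to verify on the system in question.

```scheme
;; Added example, not from the article. Two sandbox-exec profiles; ';' starts a comment.

;; --- profile A: "no network" only (constructed to match the article's description) ---
;; The process cannot open network connections, but nothing here stops it from
;; asking another, unsandboxed application (via Apple Events) to do so on its behalf.
(version 1)
(allow default)
(deny network*)

;; --- profile B: "no network" plus no Apple Event sending (hardened, assumed mitigation) ---
;; Same network restriction, and the process may no longer send Apple Events,
;; so it cannot drive a second application that lacks these limits.
(version 1)
(allow default)
(deny network*)
(deny appleevent-send)
```

Each profile goes in its own file and is applied with `sandbox-exec -f profile.sb /path/to/program`; sandbox violations are logged by the kernel, so a quick way to check which rule is being hit is to watch the system log while the program runs.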
It's important to note that the sandboxing being exploited here is a different technology from the App Sandbox introduced in OS X 10.7, which Apple is making mandatory for Mac App Store titles next year. Under the new model, applications can only send the kind of Apple Events CoreLabs is using to programs they have declared in advance, a list Apple can vet before releasing an app on its store. Still, Apple has accepted apps with security problems before, and that safeguard only helps if Mac users buy solely from Apple.
As for the legacy vulnerability, the researcher states that Apple has acknowledged the security hole, and while Cupertino hasn't promised a fix, it may update its documentation to clearly denote the behavior.