Native iPhone applications have access to standard POSIX C APIs and other must-haves such as Berkeley Sockets for TCP/IP communication. All third-party code runs in a sandbox, meaning that the OS exerts tight control over its access to system calls, TCP ports, files and other resources. You can't write an application that dips into another app's files. You can't write a custom mail or Telnet server that listens on the standard TCP ports for these services, whether the iPhone OS is using those ports or not.
Of course, there's no path from the sandbox to any device internals that you could use to flip the phone to a different wireless operator. The sandbox is tight enough that a hacker would have to punch through it to pillage or hobble your iPhone, and Apple has set it up so that every application can be traced back to its creator. Apple's method for registering and certifying applications will engender controversy, but users need to know that they can sample the riches of iPhone software in complete safety.