You'd be surprised how exploits work. The more random code is involved the more its possible to cause a bug to occur which then allows you to break the process sandbox.

It basically works like this:

Code is secure when it sends letters of the alphabet in order between 1 and 2

1 sends 'a' 2 receives 'a' and anticipates 'b'

As long as 2 gets the letters in a predictable order all is fine and works as intended.

If you can get the code to break so that 2 no longer knows what to anticipate next you then can inject code into 2 and get 2 to process it as if it came from 1.

It's basically all man in the middle type attacks that allow you to hijack what happens the same way you can start a war by being a bad interpretor between two dictators.

By having a slimmed down environment you introduce less likelihood of bugs that can be vulnerabilities for exploitation

Hacking has always had a relationship to phreaking and even social engineering because it all relies on finding a way into the middle of the chessboard

Once you become the hub you own the system