Modern browsers and smartphone operating systems treat applications as mutually untrusting, potentially malicious principals. Applications are (1) isolated except for explicit IPC or inter-application communication channels and (2) unprivileged by default, requiring user permission for additional privileges. Although inter-application communication supports useful collaboration, it also introduces the risk of permission redelegation.

http://www.cs.columbia.edu/~lierranli/coms6998-10Spring2013/papers/perredel_usenixsec2011.pdf