Leopard sandboxing = Symbian capabilities
"Sandboxing" on Leopard looks like a way to restrict applications to accessing a subset of the APIs, and a subset of the available disk storage.
That sounds a lot like Symbian OS 9 capabilities and data caging.
Oh, and application signing showed up too.
So I think it's a fair bet that the iPhone will follow a similar model: applications can be installed by the user, so long as they require some small, safe set of capabilities and disk access.
Anything more complex will require approval/signing/etc. by Apple.
At a guess, the differences will be:
1) Apple will do the signing and packaging process much more smoothly, so it isn't the massive impediment to third-party development that it is on Symbian. Apple will ensure it "just works". But...
2) Apple will somehow arrange the set of freely available capabilities to protect its own commercial interests, as opposed to purely security interests. In particular, they somehow want to prevent people from writing iTunes equivalents. That either means restricting net access, or sound playback, or perhaps available disk storage - unless you get your application signed. (None of these things are restricted on Symbian OS.) I don't see how they can get away with pretending net or sound restrictions are in the interests of security, so I bet it's the latter, but it'll be interesting to see...