This is simply not true. The security boundary is not at that layer. Calling private methods doesn't escape the sandbox.
0: https://github.com/nst/iOS-Runtime-Headers/blob/fbb634c78269...
1: https://github.com/nst/iOS-Runtime-Headers/issues/32
2: https://github.com/nst/iOS-Runtime-Headers/tree/fbb634c78269...
This is simply not true. The security boundary is not at that layer. Calling private methods doesn't escape the sandbox.