Typically - yes, but we can change that. Application does not need to access all data, it happens because today any web application serves millions of requests and thousands of users, it needs to access all the data of all users at any time. When using ZeroVM you can serve one user and one request by one VM instance. Then you may explicitly define what data is accessible to that one VM instance. Yes, you can implement such controls in your application yourself, but we are just doing it for you, uniformly, on infrastructure level.
And about "3rd party code". If we have two developers, each works on a different module of the same application, isn't their code is "3rd party" to each other?
And about "3rd party code". If we have two developers, each works on a different module of the same application, isn't their code is "3rd party" to each other?