Can you explain your question a little more? What particular hardware? I will right now assume you just mean J2ME devices, and why it operates in a sandbox.
The reason for working in a sandbox and not having direct access tot he hardware is for security reasons. This way you cannot create a J2ME virus which will kill the device. Consumers would not be happy about having their Cell Phone ruined by some Java developer wanted a cheap thrill.