The phone is perfectly capable of running background processes -- it really is just Darwin running on a small ARM device.

The default sandbox does not permit calls to fork/exec, but there's no guarantee that the SMS application runs in that sandbox, or that an attacker can't find a way to escape the sandbox.