/private/var and /var are the same thing, the /var is simply a symbolic link

The preconfigured AFC service is jailed to the directory /private/var/mobile/Media

There is actually a second preconfigured AFC service that gives acccess to /var/mobile/Library/Logs/CrashReporter"

Write to any files outside of these subdirectories requires jailbreak.

Additionally CallHistory has been moved to a different location under iOS 4.0 /var/wireless/Library/CallHistory
There is an additional user, _wireless and some of the functions related to CommCenter / the baseband processor seem to have been moved here. I think this is intended as an extra security feature.