You sanitization callback function get passed all the values that correspond with the setting name. When a POST request is made to the options.php file from the page on which your settings resides, WordPress calls your sanitization callback in a way that would resemble this:
<?php
boj_myplugin_validate_options( $_POST['boj_myplugin_options'] );
Notice that the name attribute looks mysteriously like indexing an associative array: boj_myplugin_options[text_string].
This sets up $_POST['boj_myplugin_options'] as an array. But, as you can see above, WordPress doesn’t pass the entire $_POST array into your sanitization callback: it just passes the values related to your plugin. Doing it this way allows you to store multiple values in the same option. You don’t always do that, but it’s fairly common.