The thing is, if you're only allowed to access the actual files the user selected (at runtime) those are the only things that could possibly be corrupted. A memory error in any given app doesn't set up for a system compromise in a capabilities based system.