[NoahZuniga]

Many (maybe even most bugs) the ais are finding are memory safety errors, which is pretty clearly not "the fault of running things with ambient authority". The data is treated as untrusted, but due to a mistake can still do something it shouldn't.

[mikewarot]

The thing is, if you're only allowed to access the actual files the user selected (at runtime) those are the only things that could possibly be corrupted. A memory error in any given app doesn't set up for a system compromise in a capabilities based system.