The index page for capabilities here mentions “security” many times. There is another conceptual framework in which to think about the problems that capabilities address—the correctness of applications.

The best written applications in conventional systems are unable to assure certain important characteristics, such as secrecy or robustness, due to the nature of their platform. The biblical parable of a house built on sand applies. The common excuse is that an application cannot be faulted for the inadequacies of the platform on which it runs—and this is true to varying degrees.

None-the-less information protection should be part of the application specifications. Robustness is largely subject to the quality of underlying hardware as well as the people who attend to the needs of that hardware but this site is devoted to OS architecture.