Imagine an application that can do anything with your data. Literally anything. Imagine an application that can read your private photos and send them over the internet to some external server. On UNIX-like operating systems almost every application can do that. If there were an exploitable bug in grep(1), an attacker could do exactly that. If there were an exploitable bug in cat(1), an attacker could do exactly that. When a program can reach all of your user's data simply because it runs under your user ID, rather than because it was explicitly handed that data, we are talking about ambient authority.
What if you could do things another way? What if your application held only the capabilities for the things it really needs to use? What if grep(1) had only read access to the file it is supposed to parse, and could neither open a network connection nor send signals to other processes? This is the capability world that Capsicum implements: a process enters capability mode, loses all access to global namespaces (paths, PIDs, network addresses), and from then on can only act through the file descriptors it already holds, each of which can be trimmed down to a specific set of rights.
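To make the grep(1) scenario concrete, here is an added example (my own code, not from the original post or from the Capsicum project) that follows the standard Capsicum pattern: open everything you will need, shrink the rights on each descriptor, then call cap_enter(). Afterwards it checks that reading the file still works while writing to it, opening another path, connecting a socket and signalling another process are all refused. The input file is constructed inline with mkstemp(3). The Capsicum calls only exist on FreeBSD, so on any other system the demonstration is compiled out and capsicum_demo() reports that the sandbox is unavailable rather than pretending to have tested it.

```c
/*
 * Added example: sandboxing a file reader with Capsicum (FreeBSD).
 * Build on FreeBSD with:  cc -Wall -o capdemo capdemo.c
 */
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#ifdef __FreeBSD__
#include <sys/capsicum.h>
#endif

enum demo_result {
    DEMO_UNAVAILABLE = 0,   /* not built on a Capsicum-capable system */
    DEMO_OK = 1,            /* every expected denial happened */
    DEMO_UNEXPECTED = -1    /* the sandbox did not behave as described */
};

/* Runs the whole demonstration and reports what happened. Calls cap_enter(),
 * so the calling process stays sandboxed afterwards: call it once. */
int capsicum_demo(void)
{
#ifndef __FreeBSD__
    return DEMO_UNAVAILABLE;
#else
    /* Constructed input: a scratch file the "grep" is allowed to read. */
    char path[] = "/tmp/capsicum-demo.XXXXXX";
    int fd = mkstemp(path);             /* opened read-write on purpose */
    if (fd < 0)
        return DEMO_UNEXPECTED;
    unlink(path);                       /* unlink now: paths vanish after cap_enter */
    const char *text = "needle in a haystack\n";
    if (write(fd, text, strlen(text)) < 0 || lseek(fd, 0, SEEK_SET) < 0)
        return DEMO_UNEXPECTED;

    /* Step 1: trim the descriptor to read-only rights. CAP_WRITE is gone
     * even though the file was opened O_RDWR. */
    cap_rights_t rights;
    cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_SEEK);
    if (cap_rights_limit(fd, &rights) < 0)
        return DEMO_UNEXPECTED;

    /* Step 2: enter capability mode. This is irreversible for the process. */
    if (cap_enter() < 0)
        return DEMO_UNEXPECTED;
    unsigned int mode = 0;
    if (cap_getmode(&mode) < 0 || mode != 1)
        return DEMO_UNEXPECTED;

    /* Reading the descriptor we were handed still works. */
    char buf[64];
    ssize_t n = read(fd, buf, sizeof buf - 1);
    if (n <= 0)
        return DEMO_UNEXPECTED;
    buf[n] = '\0';
    if (strstr(buf, "needle") == NULL)
        return DEMO_UNEXPECTED;

    /* Writing fails: the right was removed from this descriptor. */
    if (write(fd, "x", 1) != -1 || errno != ENOTCAPABLE)
        return DEMO_UNEXPECTED;

    /* Opening by global path fails: no ambient authority over the filesystem. */
    if (open("/etc/passwd", O_RDONLY) != -1 || errno != ECAPMODE)
        return DEMO_UNEXPECTED;

    /* Creating an unbound socket is allowed (it touches no global namespace),
     * but connecting it to an address is not: no network exfiltration. */
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0)
        return DEMO_UNEXPECTED;
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof sin);
    sin.sin_family = AF_INET;
    sin.sin_port = htons(80);
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (connect(s, (struct sockaddr *)&sin, sizeof sin) != -1 || errno != ECAPMODE)
        return DEMO_UNEXPECTED;

    /* Signalling any process other than ourselves fails. */
    if (kill(1, 0) != -1 || errno != ECAPMODE)
        return DEMO_UNEXPECTED;

    return DEMO_OK;
#endif
}

int main(void)
{
    int r = capsicum_demo();
    if (r == DEMO_OK)
        puts("sandbox behaved as expected: read ok, write/open/connect/kill denied");
    else if (r == DEMO_UNAVAILABLE)
        puts("Capsicum is not available on this system");
    else
        puts("unexpected sandbox behaviour");
    return r == DEMO_UNEXPECTED ? 1 : 0;
}
```

The ordering is the whole point: everything the program will ever need must be acquired before cap_enter(), because afterwards there is no way to open a new path, look up a host or name another process. That is exactly the constraint that turns a bug in grep(1) from "read any file and phone home" into "read the one file it was given".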