Capability patterns are already familiar to any programmer who has used a language such as Algol, PL/I, C, and many others. Each of these languages pass access to data and procedures as arguments. Variables have scopes outside of which they are undefined. The protection afforded by most implementations of these languages is incomplete but the rules are clear even if not completely enforced. We use this style of assembling units of code into larger units with the help of compilers, linkers and loaders. Some languages such as Java and SmallTalk require their own alternative to the otherwise democratic loader tradition. They also introduce OO patterns which extend this protection of data. They also achieve thereby a degree enforcement of access rules.
Another style of assembling code generally emerges however as we come to say that we have "finished a program", or at least all of the code that we think should cohabit an address space and now want to fit that code together with other programs to form yet larger systems. At this level the common practice is to fall back on techniques such as shell scripts whose semantics are those of command systems which in turn are those of the system calls by which the underlying operating system creates new adress spaces. It is those semantics that enable the logic of viruses. These various languages such as shell scripts, perl and python, which have been called the duct tape of programming, then cannot transcend the problems of the Unix like system access rules, which are all Unix like these days: The invokee inherits the authority of the invoker.
The alternative to this is that the same patterns of conveying authority are used after the compilers, linkers and loaders are done. The new arguments are capabilities!