This is an example of capability that you could have to filter communication between apps on different machines that you do not get with SELinux securing things on one machine.
as for what this would be useful for.
if you have apps that expect things to be text files and throw arbitrary binary data at them you may find a flaw in them and be able to do things as the owner of that process. If you make sure that such bad data can not get to the app you eliminate an entire class of exploits.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds