Short answer: security reasons.
Extensions are considered much more risky than apps. Extensions can do a lot of things that apps can't, like hook into web request or inject script into pages, for example. Apps are kind of sealed via CSP and their run time model is much more isolated.
For this reason APIs which are considered risky - and fileSystem is probably the most risky API we have - are by default not made available in extensions.
Having said that there is ongoing discussion about how we can make more APIs available to extensions.