Maybe I’m using the wrong term, but when installing Docker, you need root access, and not for Podman. Maybe I’m wrong but I don’t think it’s possible to install Docker if you’re not root on the machine?
This link breaks down what permissions are used on MacOS.
> Maybe I’m using the wrong term
Typically, the meaningful piece with "rootless" Docker is that the daemon is not running as root.
When the Docker daemon is running as root on a Linux server, for example, anyone who can access the daemon (i.e. anyone in the "docker" group) has enough access to the system to do catastrophic damage. For example, the docker daemon can mount any file on the host's filesystem (i.e. "-v /etc/shadow:/tmp/shadow"). With Docker running as root, anyone with access to the Docker daemon has the power to do almost anything to the system.
With rootless Docker, that issue is mitigated heavily because the Docker context is restricted to an unprivileged user context.
> but when installing Docker, you need root access, and not for Podman
According to Podman Desktop's docs, it asks for admin permission when installing on MacOS: https://podman-desktop.io/docs/Installation/macos-install
That being said, I don't personally see any security value added or removed by an installer process needing to elevate privileges. That's a one-time thing and likely should require admin privileges.
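As an added illustration of the point in the reply above (not code from anyone in this thread), here is a small audit function that decides whether a Docker daemon is running rootless and, if it is not, which users are effectively root-equivalent through the daemon socket. The field names (`SecurityOptions`, the `name=rootless` entry) follow what `docker info --format '{{json .}}'` reports; the JSON values, socket metadata and `/etc/group` line below are constructed samples so the example runs offline.

```python
import json

# Constructed sample of `docker info --format '{{json .}}'` for a daemon running
# as root. Real output has many more keys; only the ones the check uses are kept.
ROOT_DAEMON_INFO = json.dumps({
    "ServerVersion": "24.0.0",
    "SecurityOptions": ["name=seccomp,profile=builtin", "name=cgroupns"],
    "DockerRootDir": "/var/lib/docker",
})

# Constructed sample for a rootless daemon: Docker adds "name=rootless" to
# SecurityOptions and keeps its data under the user's home directory.
ROOTLESS_DAEMON_INFO = json.dumps({
    "ServerVersion": "24.0.0",
    "SecurityOptions": ["name=seccomp,profile=builtin", "name=rootless", "name=cgroupns"],
    "DockerRootDir": "/home/alice/.local/share/docker",
})

# Constructed socket metadata (what os.stat() on the daemon socket would give),
# reduced to owner uid, group name and permission bits.
ROOT_SOCKET = {"uid": 0, "group": "docker", "mode": 0o660}      # /var/run/docker.sock
ROOTLESS_SOCKET = {"uid": 1000, "group": "alice", "mode": 0o600}  # $XDG_RUNTIME_DIR/docker.sock

# Constructed /etc/group entry for the docker group.
DOCKER_GROUP_LINE = "docker:x:998:alice,bob,ci-runner"


def parse_group_line(group_line: str) -> tuple:
    """Return (group name, [members]) from one /etc/group line."""
    name, _pw, _gid, members = group_line.strip().split(":", 3)
    return name, [m for m in members.split(",") if m]


def is_rootless(info_json: str) -> bool:
    """True if the daemon advertises rootless mode in its security options."""
    opts = json.loads(info_json).get("SecurityOptions", [])
    # Each entry looks like "name=<option>[,key=value...]"; compare the name only.
    return any(o.split(",")[0] == "name=rootless" for o in opts)


def assess_daemon(info_json: str, socket_meta: dict, group_line: str) -> dict:
    """Summarise who can reach the daemon and what that access is worth.

    With a root daemon, every user who can open the socket can bind-mount any
    host path into a container, so those users are treated as root-equivalent.
    """
    rootless = is_rootless(info_json)
    group_name, members = parse_group_line(group_line)
    group_can_write = bool(socket_meta["mode"] & 0o020)
    world_can_write = bool(socket_meta["mode"] & 0o002)
    findings = []
    root_equivalent = []

    if not rootless:
        findings.append("daemon runs as root: socket users can bind-mount any host path")
        if group_can_write and socket_meta["group"] == group_name and members:
            root_equivalent = list(members)
            findings.append(
                "socket is group-writable; %s group members are root-equivalent: %s"
                % (group_name, ", ".join(members))
            )
    if world_can_write:
        findings.append("socket is world-writable: every local user can drive the daemon")

    return {
        "rootless": rootless,
        "root_equivalent_users": root_equivalent,
        "findings": findings,
    }


if __name__ == "__main__":
    for label, info, sock in (
        ("root daemon", ROOT_DAEMON_INFO, ROOT_SOCKET),
        ("rootless daemon", ROOTLESS_DAEMON_INFO, ROOTLESS_SOCKET),
    ):
        result = assess_daemon(info, sock, DOCKER_GROUP_LINE)
        print(label, json.dumps(result, indent=2))
```

On a real host you would feed the function the output of `docker info --format '{{json .}}'`, the `os.stat()` result of the daemon socket, and the `docker` line from `/etc/group`; the rootless case produces no findings because the socket belongs to the unprivileged user alone and the daemon cannot mount paths that user cannot already read.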
Where I worked before we didn’t have root access on our laptops, so we couldn’t install Docker.
I’ve switched company since, but my former coworkers were able to install Podman (not Podman Desktop) without root access.
Although, I would say we have definitely strayed far away from the typical definition/security benefits of "rootless" container runtimes. Usually the rootless container threat model accounts for containers or access to the runtime being weaponized -- it's not usually IT preventing you from installing apps. :)
Still, thanks for indulging this conversation.
(Also, I thought the only way to run Podman containers locally on MacOS was Podman Desktop -- has that changed recently?)