Yes, that is of course correct for a non-privileged user. However, is that also the case for root? The use-case here is traefik and dynamic configuration. If you want to use that feature, traefik needs access to the docker API, i.e. /run/podman/podman.sock. SELinux is currently blocking access from within the traefik container.