Containers (those popularised on Linux by Docker) are built on Linux primitives like cgroups and namespaces, so they're running directly on the same kernel, same VFS, often the same FS, etc. Their isolation properties rely on (a) all those Linux features working as expected, and (b) the container runtime setting them up properly.

Depending on your threat model, that's fine, but a lot of people (including me) will say that containers are not a security mechanism.

But macOS requires[1] virtualisation for containers anyway; the security is just a bonus.

[1] at least for a real Linux kernel...