In modern Android versions (the last several years) this option allows you to give one or more apps the permission to install apps (in older versions it was just a single switch, and once set any app with that capability could do the install). My personal feeling is that you should never allow a browser to do this: I've seen examples of ads or scripts on websites that tell the browser to download an apk, so giving the browser the ability to actually install it as well always seems like a way of making your phone as vulnerable as possible. So I personally give one of my file managers the ability to trigger installs and no other app (apart from F-droid, which is an app store itself). And if you want to increase security, do it in stages: download the apk, then give your file manager (or other app of choice) the ability to install, use that to install the apk, then remove that permission from the app you just used to perform the installation (equivalent in the old way of enabling install from unknown sources, doing the install, then disabling it).