What is it for?
Most operations that access issue data (e.g. reading or modifying issues) have a user in the authentication context. It means that access is executed with privileges and on behalf of some particular user.
However, some technical operations are executed without the user in a context, as these operations are not executed by a user but by Jira itself (e.g. sending notifications, event listeners services, custom scripts).
Example: User that is entered in the Secure Single User custom field is set to receive an email notification in a case when particular events occur (e.g. issue creation). If Evaluate permissions without the user in the authentication context as true box is not checked, a user will not be notified. The reason is that the notification generation engine is executed without the user in a context, so our permission engine denies access. If you select this checkbox, it will always allow access and the secure user will be getting notifications.