I'm not sure exactly what the permissions in K8s would relate to, but the issue I see is that it works as intended, in the sense that the container (and the namespaces it uses) is normally meant to section/limit the view of the process within.
Like, a Docker container has it's own root filesystem hierarchy which is rooted somewhere in the host, and the process running in the container will only see that.
osquery would need to run at a higher level (on the host), or a parent namespace.
But I'm not sure how this would translate with K8s.