As a temporary workaround, you can add also CAP_DAC_READ_SEARCH capability, to allow reading /proc/self/fd regardless of permissions.
Surely this is not a viable definitive solution for security concerns, but it works in the meantime.
Regards,
federico