This is a good point, since they are effectively equivalent levels of access.
That said, some Docker Host OSes don’t allow installation of software on them in the traditional sense and instead handle this through containers, to the point where some of the OSes are actually made up of multiple privileged containers.
BigFix running in a Privileged Container would allow BigFix to access the host, but I don’t believe it actually looks like BigFix is running on the actual host OS, it just has access to it. This should mean that traditional bigfix patch fixlets would appear relevant based upon the Privileged Container and not the Host OS itself.
I have been meaning to test Privileged Containers for this kind of use to see how they work, but I have never actually tested this.