Seems this bug that prevented enabling seccomp is now fixed according to the changelog. Let’s see if it works for the next release.
Minor bugfixes (Linux seccomp2 sandbox):
Fix a bug in our sandboxing rules for the openat() syscall. Previously, no openat() call would be permitted, which would break filesystem operations on recent glibc versions. Fixes bug 25440; bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
Correct how we use libseccomp. Particularly, stop assuming that rules are applied in a particular order or that more rules are processed after the first match. Neither is the case! In libseccomp <2.4.0 this lead to some rules having no effect. libseccomp 2.4.0 changed how rules are generated, leading to a different ordering, which in turn led to a fatal crash during startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by Peter Gerber.
Fix crash when reloading logging configuration while the experimental sandbox is enabled. Fixes bug 32841; bugfix on 0.4.1.7. Patch by Peter Gerber.
Here’s a (probably) foolish question I have
Does this concern the “Sandbox 1” option that can be set in the torrc file, or is this something else entirely?