Seems this bug that prevented enabling seccomp is now fixed according to the changelog. Let’s see if it works for the next release.
https://blog.torproject.org/new-release-tor-0348-also-other-stable-updates-02917-03212-and-03310
Minor bugfixes (Linux seccomp2 sandbox):
Fix a bug in our sandboxing rules for the openat() syscall. Previously, no openat() call would be permitted, which would break filesystem operations on recent glibc versions. Fixes bug 25440; bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.