Add several syscalls to src/lib/syscall.c (Torsocks breaks seccomp)
It looks like Torsocks whitelists calls that are allowed to be made via the glibc
syscall() function, but unfortunately the whitelist is too restrictive. For example
seccomp() is not permitted, and that results in the syscall being denied (new kernels use that rather than
prctl() to enable sandboxes). This results in any program that uses a seccomp sandbox being unsandboxed when used in combination with Torsocks!
clock_gettime() would also be whitelisted, because they are harmless and calling them as syscalls directly is a handy way to avoid them being used as vDSOs. The same goes with
fork(), where calling it directly is a handy way to avoid having to use the glibc wrapper, which uses