seccomp specification has non-obvious semantics

[cyphar]

Right now, our seccomp rule specifications have this strange behaviour where if two arguments touch the same argument index, the argument list is treated as a series of OR conditions rather than AND conditions. This was added by e9193ba to fix a breaking change, but the net result is that our seccomp rule generation feels at least slightly unpredictable as a result.

We should really rework this alongside the longer-term fix for #2151.

[cyphar]

This also means that you cannot create a seccomp rule which only permits a syscall if more than one conditional is met (such as value > X && value < Y or something similar. This appears to have been an oversight in the original implementation but I'm not clear how exactly we could change this now, several years later.