add/remove syscalls from the BPF filter and move sandbox() after libevent initialisation

what if we receive a SIGHUP right after unblock_signal (or during the whole block_signals...unblock_signals) but *before* the wait_sighup? Yeah.

now it's symmetrical to listener_main().

I got bitten by the scope visibility rules. After the end of the block, the path variable is no longer valid, and in fact later load_vhosts fails to open that (because the buffer gets invalidated)

the executor forks to spawn the cgi scripts, and they inherit the socket for communication with the listener process. Make that impossible.