seccomp does not use the eBPF userspace interface or any of the associated permission checks. seccomp (and also the classic socket filter interface) take cBPF (classic BPF), with no privilege checks; they use completely separate verification logic for this cBPF bytecode (the eBPF verifier is not involved IIRC), and then the cBPF code is (on almost all architectures) translated into eBPF. The eBPF kernel component is then only responsible for execution/JITting of this already-verified code, nothing else.