api-modernization: replace vfork in nft_popen with safer spawn model

[somethingwithproof]

Summary

Replace vfork() usage in nft_popen.c with a safer, portable process-spawn approach.

Work

• Replace vfork() path with posix_spawn() (preferred) or a well-guarded fork() fallback.
• Preserve current stdin/stdout pipe behavior and fd cleanup semantics.
• Keep retry/error handling explicit and deterministic.
• Validate behavior across supported Unix targets (macOS, FreeBSD, Linux/Solaris variants where available).

Acceptance Criteria

• No vfork() remains in nft_popen.c.
• Child process setup preserves existing command execution behavior.
• No regressions in thread-safety/cancellation behavior.
• Logging/error handling remains actionable.

Related:

• [Concurrency] Transition to Task-Based Work Queues and C11 Threading Primitives #480 discusses broader concurrency modernization; this issue is a focused API replacement.

[somethingwithproof]

Addressed in merged PR #514. nft_popen.c now uses posix_spawn with file actions on POSIX platforms, with vfork/execve fallback on Cygwin where posix_spawn is unreliable.