chroot changes the root directory to that specified in path. This
directory will be used for path names beginning with /. The root directory is
inherited by all children of the current process.
Only a privileged process (Linux: one with the CAP_SYS_CHROOT capability)
may call chroot(2).
This call changes an ingredient in the pathname resolution process and does
This call does not change the current working directory, so that after the call
`.' can be outside the tree rooted at `/'. In particular, the super-user can
escape from a `chroot jail' by doing `mkdir foo; chroot foo; cd ..'.
This call does not close open file descriptors, and such file descriptors may
allow access to files outside the chroot tree.
SVr4, SVID, 4.4BSD, X/OPEN. This function is not part of POSIX.1. SVr4 documents
additional EINTR, ENOLINK and EMULTIHOP error conditions. X/OPEN does not
document EIO, ENOMEM or EFAULT error conditions. This interface is marked as
legacy by X/OPEN.