Definition
Chroot
Chroot is a system call that changes the root directory of the calling process. All pathnames beginning with
/ are resolved relative to this new root, and the setting is inherited by child processes.
Caveats
Escapes and open descriptors
A chroot environment is not a complete sandbox.
- The superuser can escape a chroot jail in several ways.
- File descriptors opened before the chroot call remain valid and may allow access to files outside the jail.
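
Both caveats bear on how a program enters the jail. The C sketch below is an added example, not code from this page: it closes inherited directory descriptors, changes root, and then gives up superuser rights. The function names and the uid/gid 65534 are assumptions made for illustration, and the code assumes Linux with glibc.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Count (and optionally close) open descriptors >= lowest that refer to
 * directories. chroot() does not revoke them, so they keep pointing at
 * locations outside the new root. Hypothetical helper name. */
static int scan_dir_fds(int lowest, int do_close)
{
    long max = sysconf(_SC_OPEN_MAX);
    if (max < 0 || max > 65536) max = 65536;   /* bound the scan */
    int found = 0;
    for (int fd = lowest; fd < max; fd++) {
        struct stat st;
        if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode)) {
            found++;
            if (do_close) close(fd);
        }
    }
    return found;
}

/* Enter the jail, then drop superuser rights. Returns 0 on success.
 * Other inherited descriptors (regular files, sockets) should be
 * reviewed by the caller as well. Hypothetical helper name. */
static int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    scan_dir_fds(3, 1);                        /* keep stdin/stdout/stderr */
    if (chdir(dir) != 0) return -1;
    if (chroot(".") != 0) return -1;           /* requires privilege */
    if (chdir("/") != 0) return -1;            /* cwd is inside the new root */
    if (setgroups(0, NULL) != 0) return -1;    /* drop supplementary groups */
    if (setgid(gid) != 0) return -1;           /* group first, then user */
    if (setuid(uid) != 0) return -1;
    if (setuid(0) == 0) return -1;             /* root must not be regainable */
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <jail-dir>\n", argv[0]); return 2; }
    /* 65534 is an assumed unprivileged uid/gid; use a dedicated account. */
    if (enter_jail(argv[1], 65534, 65534) != 0) { perror("enter_jail"); return 1; }
    puts("inside jail, unprivileged");
    return 0;
}
```

The order matters: privileges are dropped only after the root has been changed, and the final `setuid(0)` check confirms the drop cannot be undone.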