Subject: Re: chroot(2)
To: None <eeh@netbsd.org>
From: Brett Lymn <blymn@baea.com.au>
List: tech-kern
Date: 10/12/1998 16:20:48

Sorry for jumping in late here but it seems to me that people missed
an important fact :-)

According to Eduardo E. Horvath:
>
>This seems to be getting complicated.  I figure you can solve the security
>hole if you prevent any chroot-ed process from acquiring root privileges.
>

Sorry, no this is too narrow a view.  If a user in the chrooted tree
can manage to install a set-uid or set-gid binary and then access
that binary from outside the chrooted area then your security is
blown.  Ponder, if you will, the implications of becoming a member of
the kmem group or the user bin (though a quick look at likely trojan
horses like `ls' are not feasible on the NetBSD system I looked at
there may be some havoc one can cause).

Just preventing a direct root breach is only going to slow people down
not stop them....

-- 
Brett Lymn, Computer Systems Administrator, British Aerospace Australia
===============================================================================
  And the monks would cry unto them, "Keep the bloody noise down!"
  - Mort, Terry Pratchett.
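
Added example, not part of the original message or of NetBSD: one way to audit a chroot tree for the set-uid and set-gid files the message warns about, reporting every owner and group rather than only root. The function name, the record fields and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile
from typing import NamedTuple

class SetIdFile(NamedTuple):
    path: str
    uid: int       # owner the process would run as if the set-uid bit is on
    gid: int       # group the process would gain if the set-gid bit is on
    setuid: bool
    setgid: bool
    nlink: int     # >1 means the inode has another name, possibly outside the tree

def audit_chroot_tree(root):
    """Return every regular file under root that carries a set-uid or set-gid bit."""
    findings = []
    for dirpath, _dirs, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: never follow symlinks out of the tree
            except OSError:
                continue                     # file vanished or is unreadable; skip it
            if not stat.S_ISREG(st.st_mode):
                continue
            suid = bool(st.st_mode & stat.S_ISUID)
            sgid = bool(st.st_mode & stat.S_ISGID)
            if suid or sgid:
                # Non-root owners and groups are reported too, since they matter as well.
                findings.append(SetIdFile(path, st.st_uid, st.st_gid, suid, sgid, st.st_nlink))
    return sorted(findings)

def demo():
    """Build a constructed sample tree and return (relative path, setuid) per finding."""
    with tempfile.TemporaryDirectory() as jail:
        os.makedirs(os.path.join(jail, "bin"))
        helper = os.path.join(jail, "bin", "helper")
        plain = os.path.join(jail, "bin", "plain")
        for p in (helper, plain):
            with open(p, "w") as fh:
                fh.write("#!/bin/sh\n")
        os.chmod(plain, 0o755)
        os.chmod(helper, 0o4755)                         # set-uid to the file's owner
        os.symlink(helper, os.path.join(jail, "alias"))  # a symlink must not be reported
        return [(os.path.relpath(f.path, jail), f.setuid) for f in audit_chroot_tree(jail)]

if __name__ == "__main__":
    print(demo())
```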