Ever tried to chroot an application? You then know there is a number of obstacles in chrooting applications, often requiring the development of custom wrappers to set up the chroot and other stupidities, and even then it is still hard to get it right and secure.

  1. Introduction
  2. Download
  3. Documentation
  4. Donate


chroot_safe is a tool to chroot any dynamically linked application in a safe and sane manner. It is designed to replace chroot and su nobody -c while at the same time addressing some of the major shortcomings of these tools. It was originally designed for chrooting anoncvs servers in an easy and foolproof manner, but is equally useful numerous other applications where you need chroot for security.

Normally when you chroot applications not having native support for chroot there is a number of obstacles to overcome

  1. The binary must be within the chroot jail
  2. All libraries used by the binary must be within the chroot jail
  3. chroot does not drop root privileges
  4. su nobody -c does not chroot

Shortcomings 3 & 4 can be addressed by writing a small tool replacing chroot, but you still have limitations 1 & 2.

chroot_safe addresses all four of these shortcomings by at runtime linking instrument the application to perform a full chroot and drop all root privileges just after dynamic linking has completed but before the application as such is started. This is done via a small LD_PRELOAD stub and a shell wrapper giving instructions on how to chroot. The exact detail on the communication between the two can be found in the chroot_safe.cpp source file.


Download the current stable version from the project files archive

Access the latest and greatest version using cvs.



If you like this software please consider to donate a reasonable sum to the author to support his work and encourage further development of both chroot_safe and other useful tools.

chroot_safe © 2004 Henrik Nordstrom <> Logo Donate to this project