[$] Unprivileged chroot()

It is probably fair to say that most Linux developers never end up using chroot()in an application. This system call puts the calling process into a newview of the filesystem, with the passed-in directory as the rootdirectory. It can be used to isolate a process from the bulk of thefilesystem, though its security benefits are somewhat limited. Callingchroot() is a privileged operation but, if Mickael Salaun has hisway with this patchset, that will not be true for much longer, in some situations atleast.