Sometimes it is imperative for an application to run in a protected environment, especially if it provides a service (like for example, the apache server). For this reason, an administrator can use the chroot system call to force a process (or process group) to run under a subset of the file system, denying access to any other parts of it.
Another common use of this mechanism is for creating a sandbox for a user, even root, in order to test something without the fear of accidentally destroying the system (although this is not entirely true, since the chroot mechanism cannot by itself be used to block low-level access to system devices).
So, how can we find if some application is running in a chrooted jail or not?
One way is by running
ls -id /
to check the inode of the root directory. If it is a large number, then our application is jailed in a chrooted environment.
Visit The Light of the LAMP blog for more…