
chroot Jail

Classification Key: Core Security, Tampering


Compartmentalization is a high-level pattern that suggests breaking up a task into smaller processes. It does not eliminate the problem of a compromise in one process affecting other processes, because processes communicate. Distributing responsibility among processes reduces this vulnerability. However, processes that share resources are still not secure from attack. How can we design a system so that a compromise in one process does not affect another?


Run the processes under separate least-privilege user IDs. The programs/processes should also be run in a controlled environment with limited access to system files. This limits what an attacker can exploit. In UNIX, this is achieved by running the processes in a chroot jail.

Known Uses

Almost all Postfix processes run inside a chroot jail.

Related Patterns

Server Sandbox


Hafiz et al.


Sandboxing, chroot


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz