A number of applications (e.g., custom chroot jails, openssh, vsftp, apache) support the ability to chroot themselves. To find out if a process called chroot() at startup, you can check the /proc//root entry for the process. For non-chrooted processes this entry will point to /:
$ ps auxwww | grep [s]endmail
root 3643 0.0 0.1 69032 2344 ? Ss 2011 0:01 sendmail: accepting connections
smmsp 3651 0.0 0.0 59784 1780 ? Ss 2011 0:01 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
$ cd /proc/3643
$ ls -lad root
lrwxrwxrwx 1 root root 0 Jan 22 10:23 root -> /
For a chrooted process the root directory will point to the directory passed to the chroot() system call:
$ ps auxwww | grep [n]amed
named 18298 0.0 2.3 243632 49084 ? Ssl 2011 15:16 /usr/sbin/named -u named -t /var/named/chroot
$ cd /proc/18298
$ ls -lad root
lrwxrwxrwx 1 named named 0 Jan 22 10:19 root -> /var/named/chroot
Chroot environments can be made secure, especially if you follow the coding practices discussed in Building Secure Software and Using Chroot Securely. These are must reads for anyone who plans to use chroot()!