Wietse Venema's chrootuid process jail utility
Source ftp://ftp.porcupine.org/pub/security/index.html
I needed to specify larger open file limit for a squid instance so modified the original to allow this to be passed to this utility. Other resource limits could be modified in the same way if ever required. Uses getopts(3) and doesn't use syslog(3) as wasn't required.
chrootuid -t /jail -u user [-n nfiles] [-P prio] -- command...
Code files/chrootuid.c and man page files/chrootuid.8
LICENSE
This was basically a rewrite of Wietse's original and his
license is quite liberal.
I prefer the Creative Commons CC0
http://creativecommons.org/publicdomain/zero/1.0/legalcode
for my code.
James Sainsbury
EXAMPLE
Run squid as user squid chrooted to /squid with maximum
open file descriptors 5000 reniced to priority -5
/sbin/opt/chrootuid -t /squid -u squid -n 5000 -P -5 -- /usr/sbin/squid -u0 -D