Foreword
This article describing the practical use of chroot on OpenBSD was originally written by Karsten Pedersen on 20 July 2014 and was located here until the IBM developerWorks connections platform was sunset at 2 January 2020. It has been kept in its entirety to help others that may have stumbled on an old Google search result.
Introduction
Chroots have many uses in UNIX-like operating systems and the chroot(8) command is not unique to OpenBSD. They are often used for security reasons in order to run a potentially vulnerable service in its own environment so that if it becomes compromised and an attacker manages to escalate their privileges to that of the compromised service, they are still constrained to the chroot that the service has been run in.