--- session.c.orig	Mon Jun 11 18:44:24 2001
+++ session.c	Mon Jun 11 18:45:57 2001
@@ -118,6 +118,12 @@
 	int	is_subsystem;
 };
 
+#define CHROOT
+#ifdef CHROOT
+	char *user_dir;
+	char *new_root;
+#endif  /* CHROOT */
+
 /* func */
 
 Session *session_new(void);
@@ -1134,6 +1140,26 @@
 			 */
 			do_pam_setcred(0);
 #  endif /* USE_PAM */
+
+#ifdef CHROOT
+			user_dir = xstrdup(pw->pw_dir);
+			new_root = user_dir + 1;
+
+			while((new_root = strchr(new_root, '.')) != NULL) {
+				new_root--;
+				if(strncmp(new_root, "/./", 3) == 0) {
+					*new_root = '\0';
+					new_root += 2;
+
+					if(chroot(user_dir) != 0)
+						fatal("Couldn't chroot to user directory %s", user_dir);
+					pw->pw_dir = new_root;
+					break;
+				}
+				new_root += 2;
+			}
+#endif /* CHROOT */
+
 #  ifdef WITH_IRIX_JOBS
 			jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive");
 			if (jid == -1) {