What chroot() is really for
Posted Aug 20, 2015 15:28 UTC (Thu) by raven667 (subscriber, #5198)
In reply to: What chroot() is really for by ckelso
Parent article: What chroot() is really for
LOL, WUT?
Are you saying that you only run perfect software that never has security-relevant bugs on your systems? Where do you find this perfect software, and can I get some? If, like many of us, you run software which is imperfect, then limiting its access to system resources when it gets exploited is useful to contain the damage, turning one problem of how to derail the software and take execution control of it into several, including how to escape the container if you want access to data other than what the application normally processes.
chroot() is a limited way to handle this, the first version of containers; there are better ways to do this now with VMs and Namespaces and SELinux and seccomp and Capsicum, etc. etc., which can make software, not impervious, but more resilient to complete security failure.