I would not use sudo for this, I would write a simple C program that verifies the invoking user's passwd db entry has the program as its shell, then runs chroot directly. It would have to be setuid root of course but since the only users able to run the program are ones with it as their shell this is safe. - todd