You are hereProducts / Chroot for Windows

Chroot for Windows

Chroot on XP

Download Now


Chroot is a popular Linux tool that allows you to run a program that cannot access files outside of a specific file system folder tree. Now, using undocumented features, a native Windows version is available that doesn't require the usage of Cygwin or any additional software.

Due to the differences in operating system between Windows and Linux, this version provides a bit more flexibility that that provided and indeed required by the original. For one, you can choose to how severely to chroot a program, preferring to blocking off access to one, a few or all of the available drives present in your computer configuration.


Usage: chroot rootDir [options] program args
Where [options] can be none, one, or more of these:
-h Shows this help
-v Shows the version banner
-a Run 'program' as an anonymous user
-u Run 'program' as user
-f Allow 'program' to access the drives identified in

Note -a and -u cannot both be defined. If neither is defined 'program' will be run as the user running chroot

should be a collection of drive letters, e.g. to allow 'program' to access drives C: and D: the format of the option would be -f cd

'rootDir' and 'program' can contain environment variables

'rootDir' isn't required for -h or -v options


Since any process can chroot any other it has access to without any special privileges, there's no ultimate guarantee that a rooted process will stay rooted. While that is true, currently it is by no means a common occurance.

Also on Windows 7, child processes don't inherit the chrooted-ness of their parent. Instead they revert to the default drives and directories.

A third is that, unlike Linux, you can't use this to create a second 'version' of Windows in the chroot dir due the effects of KnownDLL loading, which overrides the chroot environment. Non-known system dlls are required to exist inside the environment as and when the rooted application needs them.

How it Works

The tool works by running and pausing the requested program, changing what it sees as the location of the file system drives, and then letting it go on its way. This is achieved via the use of device maps, there is a more in-depth technical blog posting on the process and how it works here.


The download includes both x86 and x64 binaries in one executable, as well as the source code. You'll need the Visual Studio 2008 to build it as is. Other C++ development environments which can compile Win32 programs may also be able to build it.

Download Now
Size: 207 KB
MD5: 6400a538ba42fd58f8e7092239a7eb9d
SHA1: 886965437d22ba63832a859e3889ea01d6b19cd2
CRC32: 40b82a20

Recent News