I think people are concentrating on the outdated chroot model far to
much. The Hurd already has a immensly secure way to create a secure
box from which one cannot escape, it is called a sub-hurd.It would be useful to make a precise proposal to eliminate chroot as a mechanism and use sub-hurds to do the same job. Then people could look for flaws in it and we could see if it really works.
