...of the chroot (2) system call, or may temporarily use a different root directory by using openat2 (2) with the RESOLVE_IN_ROOT flag set. A process may get an entirely private mo…...lowed in nearly every system call. (This is also true for commands.) The one exception is openat2 (2), which provides flags that can be used to explicitly prevent following of s…