diff -uNr openssh-3.7p1/session.c openssh-3.7p1-chroot/session.c
--- openssh-3.7p1/session.c Mon Sep 15 21:52:19 2003
+++ openssh-3.7p1-chroot/session.c Tue Sep 16 14:23:34 2003
@@ -62,6 +62,8 @@
 #include "ssh-gss.h"
 #endif
+#define CHROOT
+
 /* func */
 Session *session_new(void);
@@ -1227,6 +1229,12 @@
 void
 do_setusercontext(struct passwd *pw)
 {
+
+#ifdef CHROOT
+ char *user_dir;
+ char *new_root;
+#endif /* CHROOT */
+
 #ifndef HAVE_CYGWIN
 if (getuid() == 0 || geteuid() == 0)
 #endif /* HAVE_CYGWIN */
@@ -1264,6 +1272,27 @@
 exit(1);
 }
 endgrent();
+
+#ifdef CHROOT
+ user_dir = xstrdup(pw->pw_dir);
+ new_root = user_dir + 1;
+
+ while((new_root = strchr(new_root, '.')) != NULL) {
+ new_root--;
+ if(strncmp(new_root, "/./", 3) == 0) {
+ *new_root = '\0';
+ new_root += 2;
+
+ if(chroot(user_dir) != 0)
+ fatal("Couldn't chroot to user directory % s", user_dir);
+ pw->pw_dir = new_root;
+ break;
+ }
+ new_root += 2;
+ }
+#endif /* CHROOT */
+
+
 # ifdef USE_PAM
 /*
 * PAM credentials may take the form of supplementary groups.
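Review bot: In the third hunk, `chroot(user_dir)` is not followed by a change of working directory, so until some later `chdir` the process's current directory still refers to a location outside the new root; add `if (chdir("/") != 0) fatal("Couldn't chdir to new root");` directly after the `chroot()` check. Nothing in the added block verifies that `user_dir` and its parent components are root-owned and not writable by the user, and a jail root the user can modify weakens the confinement for anything privileged that later runs inside it, so a stat-based ownership and mode check belongs before the `chroot()` call. `new_root = user_dir + 1` also points past the terminator when `pw->pw_dir` is an empty string, making the first `strchr()` read out of bounds; guard the loop with `if (*user_dir != '\0')`. The `% s` in the `fatal()` format looks like it was meant to be `%s`, though that may be an artifact of how the patch was rendered. The body of `do_setusercontext()` starts and ends outside this hunk.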