I think what Karma was suggesting is that a process executing inside the schroot environment can use ptrace(2) to attach to a process outside the schroot environment. Such a process will probably have the ability to run:
schroot -c <foo> -u root <arbitrary root-level command>
Of course, on Ubuntu kernels, the ptrace(2) attachment will fail due to:
kernel.yama.ptrace_scope = 1
I think what Karma was suggesting is that a process executing inside the schroot environment can use ptrace(2) to attach to a process outside the schroot environment. Such a process will probably have the ability to run:
schroot -c <foo> -u root <arbitrary root-level command>
Of course, on Ubuntu kernels, the ptrace(2) attachment will fail due to:
kernel. yama.ptrace_ scope = 1