diff --git a/lib/libc/sys/chdir.2 b/lib/libc/sys/chdir.2
index 6942bed77d0e..4b8f1bd51b91 100644
--- a/lib/libc/sys/chdir.2
+++ b/lib/libc/sys/chdir.2
@@ -1,4 +1,4 @@
-.\"	$NetBSD: chdir.2,v 1.11 1999/03/22 19:45:01 garbled Exp $
+.\"	$NetBSD: chdir.2,v 1.12 1999/03/26 23:37:27 sommerfe Exp $
 .\"
 .\" Copyright (c) 1980, 1991, 1993
 .\"	The Regents of the University of California.  All rights reserved.
@@ -117,6 +117,11 @@ The file descriptor does not reference a directory.
 The argument
 .Fa fd
 is not a valid file descriptor.
+.It Bq Er EPERM
+The argument
+.Fa fd
+references a directory which is not at or below the current process's
+root directory.
 .El
 .Sh SEE ALSO
 .Xr chroot 2
@@ -131,3 +136,4 @@ The
 function call
 appeared in
 .Bx 4.2 .
+
diff --git a/lib/libc/sys/chroot.2 b/lib/libc/sys/chroot.2
index 9745c6c37ea6..491ac658d76a 100644
--- a/lib/libc/sys/chroot.2
+++ b/lib/libc/sys/chroot.2
@@ -1,4 +1,4 @@
-.\"	$NetBSD: chroot.2,v 1.10 1999/03/22 19:45:01 garbled Exp $
+.\"	$NetBSD: chroot.2,v 1.11 1999/03/26 23:37:27 sommerfe Exp $
 .\"
 .\" Copyright (c) 1983, 1991, 1993
 .\"	The Regents of the University of California.  All rights reserved.
@@ -57,7 +57,9 @@ beginning with
 In order for a directory to become the root directory
 a process must have execute (search) access for that directory.
 .Pp
-It should be noted that
+If the current working directory is not at or under the new root
+directory, it is silently set to the new root directory.
+It should be noted that, on most other systems,
 .Fn chroot
 has no effect on the process's current directory.
 .Pp
@@ -98,3 +100,8 @@ The
 .Fn chroot
 function call appeared in
 .Bx 4.2 .
+Working directory handling was changed in 
+.Nx 1.4
+to prevent one way a process could use a second 
+.Fn chroot
+call to a different directory to "escape" from the restricted subtree.
diff --git a/lib/libc/sys/ptrace.2 b/lib/libc/sys/ptrace.2
index ad5d38e2ce28..fb2f8b138bd2 100644
--- a/lib/libc/sys/ptrace.2
+++ b/lib/libc/sys/ptrace.2
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ptrace.2,v 1.7 1999/03/22 19:45:07 garbled Exp $
+.\"	$NetBSD: ptrace.2,v 1.8 1999/03/26 23:37:27 sommerfe Exp $
 .\"
 .\" This file is in the public domain.
 .Dd November 7, 1994
@@ -158,6 +158,14 @@ not be executing a setuid or setgid executable.  (If the tracing
 process is running as root, these restrictions do not apply.)  The
 tracing process will see the newly-traced process stop and may then
 control it as if it had been traced all along.
+.Pp
+Two other restrictions apply to all tracing processes, even those
+running as root.  First, no process may trace the process running
+.Xr init 8 .
+Second, if a process has its root directory set with
+.Xr chroot 2 ,
+it may not trace another process unless that process's root directory
+is at or below the tracing process's root.
 .It Dv PT_DETACH
 This request is like PT_CONTINUE, except that it does not allow
 specifying an alternative place to continue execution, and after it