Firejail allows –chroot when seccomp is not supported, which might allow local users to gain privileges.