That was my thought... You can protect it so you can only chroot some particular place. If you had a particular place tighter than, say, an iPhone's chroot jail, that might make sense. If you've got something like this, designed for utility over security, anyone getting chrooted in without rather immediate dropping of permissions owns your system. (And there's a decent chance, without further attention paid, that they still could.)

But if you'd rather, yes you can do something like:You can also set it to require either root's password or the user's password (the latter is so you don't get baggy-pantsed, and is typical for sudo, especially on a single-user system.), if you think that's more appropriate.