+.TP
+\fB--chroot\fR
+Before changing to the user ID given in the --user option, chroot to
+that user's home directory, i.e. make the kernel pretend to the
+\fBPrivoxy\fR process that the directory tree starts
+there. If set up carefully, this can limit the impact of possible
+vulnerabilities in \fBPrivoxy\fR to the files contained in
+that hierarchy.
+.TP
+\fB--pre-chroot-nslookup \fIhostname\fB\fR
+Initialize the resolver library using \fIhostname\fR
+before chroot'ing. On some systems this reduces the number of files
+that must be copied into the chroot tree.