chroot
provides a minimal isolation mechanism, but is not really designed for security. Its limitation is coming from the fact that once you get root inside the environment the containment can be broken (chroot-break).
But, if you accept the fact that getting root access from inside the chroot is something hard, you can consider that chroot
is a good enough containment security.
Note that most of the secured containers provide an isolation mechanism that root cannot break.