Of course you can. Which means that you're using container primitives with chroot. Which is fine, but if you're going to do that I would recommend using pivot_root and mount namespaces -- which are more secure because there simply is no mapping above / in your namespace (chroot doesn't do this but pivot_root does). This means that there is no way in the VFS layer for you to resolve paths above your root (unless someone bindmounts something in or similar).