chroot.2: Minor fixes

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

man2/chroot.2

@@ -73,27 +73,29 @@ capability) may call
 .BR chroot ().
 
 This call changes an ingredient in the pathname resolution process
-and does nothing else. In particular, it is not intended to be used
+and does nothing else.
+In particular, it is not intended to be used
 for any kind of security purpose, neither to fully sandbox a process nor
-to restrict filesystem syscalls. In the past,
+to restrict filesystem system calls.
+In the past,
 .BR chroot ()
 has been used by daemons to restrict themselves prior to passing paths
-supplied by untrusted users into syscalls like
+supplied by untrusted users to system calls such as
 .BR open (2).
 However, if a folder is moved out of the chroot directory, an attacker
-can exploit that to get out of the chroot directory as well. The easiest
-way to do that is to
+can exploit that to get out of the chroot directory as well.
+The easiest way to do that is to
 .BR chdir (2)
 to the to-be-moved directory, wait for it to be moved out, then open a
 path like ../../../etc/passwd.
 
-
 .\" This is how the "slightly trickier variation" works:
 .\" https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-014-2015.txt#L142
 A slightly
 trickier variation also works under some circumstances if
 .BR chdir (2)
-is not permitted. If a daemon allows a "chroot directory" to be specified,
+is not permitted.
+If a daemon allows a "chroot directory" to be specified,
 that usually means that if you want to prevent remote users from accessing
 files outside the chroot directory, you must ensure that folders are never
 moved out of it.