Does Windows have a chroot equivalent?

I've been messing around with Sandfox on Linux and I think it's pretty cool. Kind of like Sandboxie for *nix; you can create somewhat more secure chroot environments for almost any application. (Somewhat more secure because Linux chroot is IIRC less secure than BSD chroot, but yeah.)

So going full circle back to Windows... Does Windows NT have an equivalent to chroot so you could pull something like this off? Not that there's anything wrong with Sandboxie, but I would think that a chroot-like mechanism could perhaps be more flexible, e.g. you could tell it precisely what libraries to let a program read from, and it might work better for running services and stuff.

[doktornotor]

Maybe this: http://www.winquota.com/wj/

Quote:

WinJail provides the following possibilities:

Spawn specific applications with jail
Manage templates for applications
Provide separation on per user/per group basis in templates
Prepare jail environment with friendly interface
With "copy on write" folders, make mangement of your chroot environment fast and user friendly.

[Konata Izumi]

Is it something like GesWall? I think it is.
http://www.gentlesecurity.com/geswall.html

I was referring to built-in stuff... But it seems the closest thing Windows offers to a chroot jail is the "runas" command. I already knew about the "Protect my computer from unauthorized program activity" option, but I didn't realize that it had a bunch of trust levels; maybe one of those trust levels would be useful for sandboxing stuff, without creating so many restrictions that the program doesn't work?