The SFTP component in OpenSSH provides a chroot-feature for hardening. It is stated in the documentation that the chroot directory must not be writable by the user account, though specific files and subdirectories within it are allowed. Some people were questioning the read-only restriction. halfdog documents some analysis which is the result of discussions on openssh-dev mailing list. Here are some arguments about why these restrictions still makes sense in 2018.
(Score: 2, Offtopic) by realDonaldTrump on Wednesday January 10 2018, @04:41PM
A lot of our newspapers are turning into cyber sites. The failing Daily News was bought by a cyber site. But you look at those sites, they're mostly about our entertainment & sports celebrities, and the terrible wave of immigration & crime we're suffering through. And sometimes a little bit about cyber, the cyber that regular folks do. These EMAILS are about cyber for cyber people. You can tell because there's no picture. The stories for regular people have a picture of a keyboard, a picture of a Bitcoin, or a picture of the ones and zeros. This one doesn't. Very hard to read, but maybe someone wants to!