The fundamental thing about those features (and the equivalent on every system except Windows) is that you can never get more capabilities, only less. Once you are in a jail, there is no API for getting out of it.
You can't even see a binary from the rest of your system, and exec won't get you out.
You can't even see a binary from the rest of your system, and exec won't get you out.