I believe the conflict in our understanding is in each of our understanding on where the /.. = /. = / magic is implemented. My understanding of the file system structures tells me that /.. = /. = / is implemented at mkfs time, not at run time. The '..' and '.' entries in '/' both refer to the same inode as '/' refers to. There is no special magic in the kernel.

It is possible that I am incorrect, however, I suggest to you that my understanding is the only understanding that explains why Linux allows users to escape a chroot() jail by referring to '.' and './..'.

UPDATE:

I think we are both wrong. I can't seem to escape the Linux chroot() jail in any of the ways listed above unless '.' was already outside the chroot() jail, which is the exploit that the man page refers to.