Hi Zach,
If they are able to traverse doesnt it defeat the very purpose of having a chroot jail? The user should basically not see anything except his home directory and not be able to browse directories at all.
I havent done a chroot with sftp but I believe its not allowed as this link suggests.
http://chrootssh.sourceforge.net/docs/chrootedsftp.html
There apparently seems to be a patch however .. so you might want to search around on this page.
Just incase you feel you dont want to apply this patch and still want to use FTP I would suggest trying out Vsftpd. I can vouch that it's chroot mechanism does work. Incase you need help setting Vsftpd lemme know..I'll pass on my exact config file so you can use it as a reference.
Remember that you will need to copy binaries and libraries used by Sftp into the jail as well to have it fully functional... Here's a link:
http://www.netadmintools.com/art294.html
Cheers
Arvind
p.s.... Seriously though.. go for Vsftpd compiled with SSL if its not too much to ask of your firewall. Your call