ssh_rundirect is a ssh job control software, it allows you to set up a chroot jail for multiple applications to share but work independently, ie, not causing interference with each other. With the chroot jail, you can just allow scp, sftp, or just a dd command (used in a situation like "cat /path/to/data/file|ssh Sam@Sever "dd of=newfilename".
It also allows you to control client connection start time, for example, clients are not allowed to connect with the account on Sunday and early morning on Wednesday.

Unlike using the built-in chroot feature of openSSH, using ssh_rundirect to create chroot jail is by default very secure. We are not saying openSSH's chroot feature itself is not secure, but instead, lots of implementations did by many people have security issues.

As the example we gave earlier, with ssh_rundirect, for secure file transfer to the server, you even don't need the sftp-server running on the server, just set up a dd command in the jail, you can do the file transfer! Hacker won't expect this.

ssh_rundirect also gives you much flexible control: you can set an account which will only execute certain commands in jail, but others in normal environment or reverse; or only certain commands can be executed either in jail or open environment, but others will be rejected.