diff -Nru vsftpd-2.3.5/debian/changelog vsftpd-2.3.5/debian/changelog
--- vsftpd-2.3.5/debian/changelog	2012-03-27 23:38:21.000000000 +0000
+++ vsftpd-2.3.5/debian/changelog	2012-10-16 03:33:10.000000000 +0000
@@ -1,3 +1,10 @@
+vsftpd (2.3.5-1ubuntu2ppa1) precise; urgency=low
+
+  * debian/patches/11-allow-writeable-root.patch: 
+    + Backported allow_writeable_root feature from vsftpd 3.
+
+ -- The Frontier Group <support@thefrontiergroup.net.au>  Tue, 16 Oct 2012 11:28:42 +0800
+
 vsftpd (2.3.5-1ubuntu2) precise; urgency=low
 
   * debian/rules: Fix hardening based on Debian changes from 2.3.5-2 and -3.
diff -Nru vsftpd-2.3.5/debian/patches/11-allow-writeable-root.patch vsftpd-2.3.5/debian/patches/11-allow-writeable-root.patch
--- vsftpd-2.3.5/debian/patches/11-allow-writeable-root.patch	1970-01-01 00:00:00.000000000 +0000
+++ vsftpd-2.3.5/debian/patches/11-allow-writeable-root.patch	2012-10-16 03:28:40.000000000 +0000
@@ -0,0 +1,89 @@
+## Description: add some description
+## Origin/Author: add some origin or author
+## Bug: bug URL
+Index: vsftpd-2.3.5/parseconf.c
+===================================================================
+--- vsftpd-2.3.5.orig/parseconf.c	2012-10-16 10:30:22.000000000 +0800
++++ vsftpd-2.3.5/parseconf.c	2012-10-16 11:25:52.000000000 +0800
+@@ -106,6 +106,7 @@
+   { "isolate_network", &tunable_isolate_network },
+   { "ftp_enable", &tunable_ftp_enable },
+   { "http_enable", &tunable_http_enable },
++  { "allow_writeable_chroot", &tunable_allow_writeable_chroot },
+   { 0, 0 }
+ };
+ 
+Index: vsftpd-2.3.5/secutil.c
+===================================================================
+--- vsftpd-2.3.5.orig/secutil.c	2011-12-18 03:44:20.000000000 +0800
++++ vsftpd-2.3.5/secutil.c	2012-10-16 11:26:20.000000000 +0800
+@@ -132,7 +132,8 @@
+   /* Misconfiguration check: don't ever chroot() to a directory writable by
+    * the current user.
+    */
+-  if (options & VSF_SECUTIL_OPTION_CHROOT)
++  if ((options & VSF_SECUTIL_OPTION_CHROOT) &&
++      !(options & VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT))
+   {
+     if (vsf_sysutil_write_access("/"))
+     {
+Index: vsftpd-2.3.5/secutil.h
+===================================================================
+--- vsftpd-2.3.5.orig/secutil.h	2009-05-27 14:16:15.000000000 +0800
++++ vsftpd-2.3.5/secutil.h	2012-10-16 11:26:37.000000000 +0800
+@@ -32,6 +32,8 @@
+ #define VSF_SECUTIL_OPTION_NO_FDS       8
+ /* Use RLIMIT_NPROC to prevent the launching of new processes */
+ #define VSF_SECUTIL_OPTION_NO_PROCS     16
++/* Permit a writeable chroot() root */
++#define VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT     32
+ 
+ void vsf_secutil_change_credentials(const struct mystr* p_user_str,
+                                     const struct mystr* p_dir_str,
+Index: vsftpd-2.3.5/tunables.c
+===================================================================
+--- vsftpd-2.3.5.orig/tunables.c	2012-10-16 10:30:22.000000000 +0800
++++ vsftpd-2.3.5/tunables.c	2012-10-16 11:26:55.000000000 +0800
+@@ -87,6 +87,7 @@
+ int tunable_isolate_network;
+ int tunable_ftp_enable;
+ int tunable_http_enable;
++int tunable_allow_writeable_chroot;
+ 
+ unsigned int tunable_accept_timeout;
+ unsigned int tunable_connect_timeout;
+@@ -226,6 +227,7 @@
+   tunable_isolate_network = 1;
+   tunable_ftp_enable = 1;
+   tunable_http_enable = 0;
++  tunable_allow_writeable_chroot = 0;
+ 
+   tunable_accept_timeout = 60;
+   tunable_connect_timeout = 60;
+Index: vsftpd-2.3.5/tunables.h
+===================================================================
+--- vsftpd-2.3.5.orig/tunables.h	2012-10-16 10:30:22.000000000 +0800
++++ vsftpd-2.3.5/tunables.h	2012-10-16 11:27:08.000000000 +0800
+@@ -88,6 +88,7 @@
+ extern int tunable_isolate_network;           /* Use CLONE_NEWNET */
+ extern int tunable_ftp_enable;                /* Allow FTP protocol */
+ extern int tunable_http_enable;               /* Allow HTTP protocol */
++extern int tunable_allow_writeable_chroot;    /* Allow misconfiguration */
+ 
+ /* Integer/numeric defines */
+ extern unsigned int tunable_accept_timeout;
+Index: vsftpd-2.3.5/twoprocess.c
+===================================================================
+--- vsftpd-2.3.5.orig/twoprocess.c	2011-12-18 03:44:37.000000000 +0800
++++ vsftpd-2.3.5/twoprocess.c	2012-10-16 11:27:34.000000000 +0800
+@@ -426,6 +426,10 @@
+     {
+       secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID;
+     }
++    if (!was_anon && tunable_allow_writeable_chroot)
++    {
++      secutil_option |= VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT;
++    }
+     calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str,
+                         p_user_str, p_orig_user_str);
+     vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str,
diff -Nru vsftpd-2.3.5/debian/patches/series vsftpd-2.3.5/debian/patches/series
--- vsftpd-2.3.5/debian/patches/series	2012-01-19 07:34:08.000000000 +0000
+++ vsftpd-2.3.5/debian/patches/series	2012-10-16 03:24:10.000000000 +0000
@@ -8,3 +8,4 @@
 08-manpage.patch
 09-s390.patch
 10-remote-dos.patch
+11-allow-writeable-root.patch