If you're concerned about FTP security, you might want to run wuftp. 
You can restrict each user to a specific subdirectory using
'chroot'.

As far as I know, this confines any possible damage to that subtree
unless you blindly uncompress an uploaded file that contains
absolute pathnames. I don't know about DOS attacks involving very
large uploads to your site, but wuftp may also let you set limits on
upload size and frequency. 

   http://www.wu-ftpd.org/

Latest release:
   ftp://ftp.wu-ftpd.org/pub/wu-ftpd/wu-ftpd-current.tar.gz

Vic