i'm scripting a backup process for a series of servers, where one server (the "backup server") will ftp into all other servers and grab files for backing up to tape on a scheduled regular basis.

now, we have two (debian 3.1) linux servers and a windows 2003 server, and on the win2k3, i created a user with total read access and no write access. as well, this ftp account is restricted to one static ip (that of the backup server).

i'd like to do the equivalent on the debian linux servers, to create a user account with read access to all files (can ftp in and GET any files owned by any user), but no write access (can't SEND or modify any files). and if possible, I'd like to restrict ftp access under this specific user account to a single static ip. (we're using ProFTPD 1.2.10 Server on the debian)

the problem is, i'm thoroughly versed in windows, but not so much in linux, and so i'd greatly appreciate any help given.

How about this:
Create a mere mortal linux user. he will have read-write access to his home folder. Have him execute the script for calling up ftp and store them in his home folder. This should improve system security, even if your script poses a security thread.
You automatically get the access rights of the user name you use to login. If user foo on the Win2k3 machine kan only read a file, so will everybody loging in as foo. So if your script logs into the ftp service as foo (call the user foo as well, for convinience), the access problem would be solved on both backup server and Win2k3.
I'm not really mean what you mean with "a single, static IP" though. The backup server should have a static IP or the server can only contact a specific IP? Or is the user only able to contact that one IP while the rest of the system can do what it wants?

the script is running remotely. I need it (the remote script) to be able to ftp into this debian server and have read access to ALL files and directories. it will then copy all these files to a remote machine via FTP.

the only way i know of to guarantee total access is by making the user a member of the root group, which I imagine is a HUGE security hole. hence why I'm asking if theres a way to gaurantee total read access to a user account of ALL files and dirs without leaving the front door open.

I see.
You are right, the only way to read ALL files is to be root or at least to bear a root groupuid. However the data that is for root use only is minimal (mostly lost&found's and /etc). I would encourage you to limit the files that need to be backuped to those really necessary (like home folders or libs), unless of course the root is used to altering system setting in /etc on a daily basis...
If you need to back up some more sensitive material like /etc ssh keyrings, do it on a local scale as root and then download the backup via ftp. Do this only after important (and functional) changes.

If you create a ftp acount for a user bearing root rights or even being root, I would advise you to use secure ftp.