Well, create him an actual account with his own home directory, giving him read and write access to it. You can also make it so he doesn't have a valid shell either, keeping him from logging into the box by any other means besides FTP by making his default shell /bin/false and adding /bin/false to /etc/shells file.
You can also look into maybe setting him up with chroot to jail him to his own home directory, so he can't view or browse to other parts of the filesystem.
|