If your ftp user can read and write anything, you have done something seriously wrong (I highly doubt this is the case, make sure you actually have WRITE permissions to stuff). If your ftp user can read files all over the system, then this normal. most files have at least read access for everyone by default. The reason you only see /home/ftp when logged into the FTP server is because your ftp server has a nice default config and wont let users traverse directories beyond their home directory (also normal) If the FTP sever allows the following of symlinks (I suggest you find your ftpd.conf and give it a good look over), you can create a symlink to /var/www/html (sub your DOCROOT here) in the /home/ftp directory. I would then use groups to allow access for user 'ftp' to the docs/directories needed. If the DOCROOT is group is apache (or webuser or www-data, whatever your webserver runs as, hopefully NOT root) then add the ftp user to the Apache (or appropriate) group, this should allow write permission in that directory without resorting to the evils of worldwriteable files.

Sidenotes: SFTP is possible with newer versions of DW, and I would reccomend that over standard FTP.
Zencoder: I believe you are confusing the 'su' command with 'sudo'

-Maestr0