I'm running Filezilla server on my dedicated windows 2003 server.

It uses its own user-access control system.

The Filezilla server service itself is running under the System user.

When I setup users within the FTP Server Administrator Interface, I do not need to setup equivalent users, or adjust permissions on folders to allow users to login.

Example:

1. I setup TestFTP user with password 'p'
2. I set the home directoy of TestFTP user to be e:/website
3. I verify that e:/website only has permission for the System and Admin accounts (right click -> security in windows explorer)

TestFTP is able to login to the server just fine.

I'm OK with this (perhaps due to ignorance?).

Is it generally frounded upon to utilize a FTP Server such as FileZilla Server that bypasses the built-in UAC in this method?

If I wasn't clear enough, please let me know.