If we take security more seriously, we should go with your suggested solution.
Because of the FTP is not an encrypted protocol, allowing writing to root directory of logged-in user can be harmful. It is possible to overwrite
.profile, change default PATH, put infected binaries and prepare aliases for that etc.
Most of the cases, it would be a better solution to prevent ftp uploads on root directory of logged-in user and giving write permissions only to the subfolders rather than allowing with