FTP questions

[Alundra]

I have some questions regarding FTP.

Say I set up an account, that goes to my root folder (for another person). That person can come to a login screen by going to my website /controlpanel. Can that person access the control panel? SQL databases? Can ANY sort of FTP account access the databases, and which types (so I can avoid them)? I ask because there are settings files inside my site with plain as day database passwords and usernames, It's not something I can just delete or "hide".

If I was to give FTP to an unknown person, who was offering support for some software (say a forum) or offering to help me with my website (maybe I don't know the code as well as I would like) what could happen? Could they (other than file damage) do any harm? If I gave them my main FTP account, could they lock me out, and is there any way to get back in again?

I appreciate any answers you can give me
Thank you

[cpanelkenneth]

Typically, an FTP account can only access your home directory and below. Your databases and their login info is not stored therein. Any passwords that are stored in your home directory by cPanel are encrypted.