PureFTP (and undoubtably others) easily supports virtual users. Whatever you use, you want to make sure it uses its own password files instead of /etc/shadow. You might be able to specify that with PAM, but some applications use their own format so you can easily specify additional restrictions. Bear