I would love it if we could limit what file types could be uploaded and remove the listing of the upload path on the server.
Perhaps it could be setup similar to the music mask list. That way you could limit so that people could only upload .mp3 files etc... That would significantly reduce the risk of someone uploading something malicious.
Also the ability to choose more then one file for upload would be great since Zip files can be malicious as well.
Thanks!!