You should probably lock people down to one folder only. If you let them change folders, they can still get you into trouble.
I think it would be good to add a new permission to control which users will have access to the File Manager.
This requires more than 1 change. You have to scrub the File Manager project and make sure you change everything related to chaning directories.
Make sure you set up security on this module. I can't even guess how many people don't understand Windows authentication, and have left this module wide open for use by anyone! The smartest choice is to change it to use Forms authentication, so it will behave like the other modules.