If you have directory level security enabled for your site then you should be ok to use the everyone setting for the security of the advanced file manager. To ensure that your files are secure though you should make sure they are all within the secure directory.
You should put the upload folder in a place where it will be accessible to anyone that is using the advanced file management features. If only authenticated users can upload it should be ok to have this folder in the root of your site.