If you are afraid that the user may download a malicious script or files with viruses, that can harm the site, then read a new lesson from my site. I recently found an interesting piece of code in the form of a filter, which can be added to the file functions.php. If you want to restrict download access to everyone but yourself, then you can put it in an array $users your login.

add_filter('upload_mimes','restrict_mime');
function restrict_mime($mimes) {
    global $current_user;
    get_currentuserinfo();
    // change users in list
    $users = array(
                              "ryan",
                              "steven",
                              "larry",
                              "jerry"
                            );
    if (!in_array($current_user->user_login, $users)) {
        $mimes = array(
                        'jpg|jpeg|jpe' => 'image/jpeg',
                        'gif' => 'image/gif',
        );
        }
        return $mimes;
}

You can also add MIME types of files that are allowed to be used for uploading. Alternatively, you can add the following types:

'png'     => 'image/png',
'bmp'    => 'image/bmp',
'tif|tiff'  => 'image/tiff'

Everything is working, I checked everything. If you want to see what types are allowed for you now, then read the article “Supported file types for upload” Good luck developing secure sites.