There are some workarounds, including mucking around with your security model:
However, the solution I find preferable is to take advantage of the 80% solution/20% effort that Selenium is out of the box, and not test file uploads directly. Instead, add a helper action like
/fileupload?file=path/to/my/file.txt that you can invoke from Selenium. Have the helper action do the basic file upload, just like the webpage does, and then return to testing your site post file upload! This is the simplest, most cross platform approach. It’s also a very good pattern for working around other gotchas in Selenium.