We have a web server and are trying to meet a clients requirementes around accountability.
Basically, everything in the system should be accomplished using user accounts that are individually identifiable. So basically, no root user, since that's anonymous.

So how should we set up these user accounts?
Being administrators, we want them to have easy access to files not owned by them, such as ones uploaded using FTP accounts or via apache.

We want to be as secure as possible though.

My current thought is to add them to the root group so they have full read access throughout the system, and add them to sudo, but I worry that gives them too much control... Thoughts?

I've seen stuff like this done with sudosh - http://en.wikipedia.org/wiki/Sudosh
Is that something like what you're looking for?

My thought is that rather than extending permissions, you are actually wanting to force all users to give group read access to files.

This might require a mix of techniques: making use of umask defaults, perhaps using the sgid bit on directories, and permission defaults on applications such as apache.

The problem is that if users have shell accounts, it is hard to prevent people placing additional restrictions on files without breaking things.

And there are some circumstances where files should be hidden (eg private encryption keys).

An alternative option would be to have a daemon or cron job that periodically vets the system for hidden directories/files.

You could also look into SELinux, which implements a more fine-grained access control than traditional linux.

rootsh http://sourceforge.net/projects/rootsh/ is popular for tracking purposes.
I believe you can use it for the login shell, not just sudo.

Give each user a personal group (see Redhat default useradd mechanism) and create an upload dir owned by a separate user.
Add Apache & FTP to the upload group, also all users. Use the SGID bit to control default ownerships.
Do not add users to root group or give them sudo unless you need them to do admin work.
You should also look at SELinux (try Centos/RHEL).
You probably won't need ACLs unless you have some users with very individual requirements. (Hmm, maybe on the upload dir).

Set perms on user's home dir drwx------ .