ACLs, encrypted filesystems? If you don't trust root, you should reserver uid zero for yourself and delegate controlled access to administrative functions to other users with sudo. sudo is a much more widely-used and supported solution and would bring with it none of the stability or support issues related to ACLs and crypto filesystems.