currently there's a secure ftp wrapper called safetp: http://www.cs.berkeley.edu/~smcpeak/SafeTP/
with that program you can use the ftp server you like more (my choice is ncftpd, free for personal use). from windog workstation the users can use any ftp client they like: acting as proxy this safetp encrypt the ftp password exchange.
IMHO definetivly the lack of groupware tools as a simple (and secure) way to share files between users and from users and the rest of the world, the lack of acl, and the lack of really automatic way to install machines make
ACL's are somewhat overrated but would be nice. As far as install, RedHat does Kickstart, one floppy, config can be stored on server making it really nice, alas no other vendors seem to have this (HINT!).
the linux boxes administration a nightmare and normally are menace to the system security (how many sites are using ssh? many? but there're many more with a broken syslogd:-( ).
Hate to break it to you but ANY OS installed out of the box has root hacks (even OpenBSD). Updates are required, at least with linux we have autorpm/etc and can easily update from the command line remotely (unlike say NT, unless you invest in SMS). Have you looked at PiKT? see the LSKB.
best regards, antonio cavallo
-Kurt