You must move many of the people/groups down to author with create/delete access. This way, people will only be able to edit and delete documents they create. You can give your most trusted people editor or above, and they will be able to edit or delete any document. To give 'author' access to more than just the person who created the document, you need to put a 'author' field on the form that can be filled in by the document author. Any person or group they put in the field will have the ability to edit/delete the document as long as their name/group is in the ACL list with author.
This was first published in February 2001