My approach would be to allow Apache to write to a certain directory somewhere, preferably one that is *not* directly served to the web, and then have another process running as another user watch for new files there, check that they meet certain criteria, and then take some desired series of actions with them, such as copying them into a certain web-served directory.

The more restrictive the 'certain criteria' can be, the more you reduce the potential for abuse. At minimum I would definitely restrict it to files ending with certain extensions, such as '.pdf' and any other specific extensions you really need. Ideally, if performance is not prohibitive, I'd prefer to also check that the files are actually valid PDF files. Additional checks could be made as well, e.g., against the filenames.