Is there any way to synchronize AD users with Office 365 but still be able to edit them online?

You are correct.

Once the user accounts are synchronized, the accounts on O365 essentially become read-only copies of the AD credentials. It's not a two-way trust, so no, you won't be able to make any changes.

Using PowerShell, you should be able to make any of the changes you're looking for in O365. http://community.spiceworks.com/how_to/show/28793-managing-office-365-using-powershell

I haven't gone down the local exchange server route so I have no information on that one.


I wanted to let you know we are in the same boat, but already deployed and using O365 keeping logins separate at the moment. I looked at the new dirsync w/ pwd sync but ran into the same scenario as you and really didn't feel like messing with the local schema extensions and attribute editing. While it probably would be the "best" choice long term and fully supported by MS, I just didn't feel like going that route yet.

We're looking at just using this: http://www.messageops.com/software/office-365-tools-and-utilities/office-365-password-synchronization instead. It handles password syncing but doesn't mess with actually syncing their AD accounts themselves.

This may not work for you, but wanted to throw it out there as an option.