So I've finally gone multisite and it's got some really cool features that I'm discovering. However one part that I've seen has been discussed a bit is the fact that site admins can't by default install themes on the network. While enabling this feature is certainly possible, the claim is that one had better trust all site admins because who knows what they could upload using this permission (viruses etc).
I don't know all my site admins but I feel like one solution would be to go into theme-install.php and comment out the ability to upload files to the server through the theme install interface. This would restrict users to searching the wordpress theme database, posing no increase of security risk as it would operate entirely within a closed network.
Does anyone have any thoughts on this hack? Am I overlooking something?