I thought of another way to do this, but its sort of a hack.
Basically you need another object to grant admin privileges over, besides the package_id/site_node.
If you want them to take care users and registrations etc, you can simply check permission on the group with the associated subsite (or main subsite/registered users) instead of the package_id.
You'd have to move the pages outside of /admin/ but its pretty straightforward, and even logical, to have admin privilege over the group and be able to manage the memberships for that group.
