Malte,
I am planning to do some work in the coming weeks to address a similar requirement. What I plan to do though is this:
1) Modify the code to support permissions control at project and task level.
2) Progress the user interface to support sub-projects and 'aggregate tasks'.
The end result would be that groups/parties could be used to conveniently control who can see what. A master Project Manager instance on the Main Subsite could share projects with a subsite mounted instance of PM (and vice versa) based on permissions and group membership.
I also think Dave's suggestion is a good one - I think that it should be an option when mounting an instance of PM whether or not you want its projects to be completely insulated from other instances (content folders used where the answer is yes) or able to share between instances.
Regards
Richard