Comment 31 for bug 24280

Since the user has root access anyway, allowing to use the user's theme is not a problem. There are certainly many other holes like this in GTK, and the only way to avoid them is to not run GTK applications as root, ever.
For one, the application does apply the users theme settings, it just searches for the theme in the wrong place. If you want this kind of security the application should *not* use the user's settings.

However, there is one more problem. If you su to an user other than root the ~/.themes might not be accessible. Anybody doing that must do it manually, though. So they should also know how to make their theme available.