I would guess that svnsync was designed under the assumption that it would be run on the slave repository via a cron job or something. It's a pull tool, not a push tool.
That said, your suggestion seems reasonable. (When I've set up replicated repositories using push, I've used svnadmin dump and svnadmin load, not svnsync. But that doesn't work for your scenario since it doesn't obey authz rules.)
