Currently, an out-of-the-box implementation of Apache Solr Multisite Search doesn't respect the node access settings of sites other than the one you are on. For example, if site A leverages taxonomy access control, the node access will be respected when searching from site A. However, if another site B is able to search site A via use of this module, the node access settings for site A are NOT respected when searching from site B possible exposing sensitive data. This is a very complex problem to solve, but for now there should be better documentation and possibly dismissible warnings that node access restrictions aren't honored for the other sites.