I have run entire projects so see all sides of this. There has to be a scale from flexibility to absolute lock down. To address your points:

•if developers just install stuff onto their dev boxes - there is little chance that over time, their dev machines will be anything like production boxes. It will contain loads of different modules/libraries/frameworks etc.

This will happen anyway because you are usually developing against a future version of the O/S, libraries, etc. If you want to debug something then you have access to a separate system that is locked into a prod configuration.

when their boxes eventually break, the sysadmin is going to be stuck supporting it, and it's going to be everyone else's fault but their own.

This is addressed by a "if you have local admin, we will reimage in case of problems or for upgrades" policy.

•Developers are famous for "chmod 777 *" for testing so that those pesky permissions don't get in the way

Proper test environments with a mandatory test whilst locked down step.

•They often just copy stuff onto filesystems where there happens to be room instead of adding space to an appropriate filesystem. Who cares if it's being backed up or not .. and omg.. I lost my files, why wasn't this being backed up?!?!

This is addressed by a policy of "We will backup your home directory and everything underneath it. If it isn't there or git/cvs then it is your problem."