In the end, a person should be able to copy his objects a different schema; therefore, one would not want to hard-code a schema name to every object.
This is basically the issue. By allowing schema to be flexible you expose your system to masquerading. A more secure, yet still reasonable, posture is to treat the namespace layout of the database as a fundamental property of the model. Where that starts to break down is dealing with multi-tenant situations and trying to have shared and not-shared schema components. Not sure what the good solutions are if your application wants to operate under that model - but that affects a minority of people and doesn't seem to be the case here.
