Display of objects is application specific. Permission procedures need to run for every object, which includes permissions on a specific subsite. This means that the url must point into the package itself, or it will require someone to design new pages for display of individual objects. For a lot of objects it doesn't make sense to display them out of context.
In some cases, I would even venture to say that the existance of an object_id should not be visable, the returned url could give away information all by itself.
Maybe if this functionality was only mounted in an admin area would I consider this a good feature.
In short this sounds like a new requirement without a purpose. If it is optional, I don't care. Otherwise I care: I don't want my package's objects to be displayed out of context, or at least I want the choice to not display them.
If there is a function that returns the url, the function must do the same security checks as required by the package to see a link to the object. This means the function may actually need to check permissions on a parent object.
