Resolution: Won't Do
The main reason why I end up creating additional permission schemes is to allow specific users elevated rights for a particular project. This is quite a common need, as project leaders often need to delegate certain tasks. An example is delegation of "defect management" for a project. Ordinarily, on the assignee, reporter and project lead can edit or re-assign an issue. However the defect manager needs to be able to do this for any issue in the project.
Basically what is needed is a built-in per-project group called "Project Admins" or similar. It would be different for each project (like the project lead is), but could be assigned permissions globally within a scheme.
Alternatively, you could allow permissions to be assigned to the group of Component Leads (implicitely per-project).