by jbri 5497 days ago
Where else would you store the salt?

If you're storing it in a place more secure than where you're storing the password hashes, why not store the password hashes there in the first place?

If the salt is the same for all the users, you can have it in the source code that hashes the passwords. Not always being SQL injected means having the back-end code leaked.
That defeats the purpose. The whole point is to have a unique salt per user to force the cracker to spend time on every password.
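
The point made in the last reply, as an added example that is not part of the thread: it compares one shared salt with a random salt per user, stored next to each hash, and measures how much key-derivation work a guesser needs and whether identical passwords become visible in the stored data. PBKDF2-HMAC-SHA256, the iteration count, the user names and the passwords are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os

ITERATIONS = 1_000  # assumption: kept low so the demo runs quickly

def kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def enroll_shared(users: dict, shared_salt: bytes) -> dict:
    """One salt for everyone, e.g. a constant in the source code."""
    return {u: (shared_salt, kdf(p, shared_salt)) for u, p in users.items()}

def enroll_per_user(users: dict) -> dict:
    """A fresh random salt per user, stored beside the hash."""
    db = {}
    for user, password in users.items():
        salt = os.urandom(16)
        db[user] = (salt, kdf(password, salt))
    return db

def verify(db: dict, user: str, password: str) -> bool:
    salt, stored = db[user]
    return hmac.compare_digest(stored, kdf(password, salt))

def guessing_cost(db: dict, candidates: list) -> int:
    """KDF evaluations needed to test every candidate against every record.
    Results computed for one salt are reusable for all records sharing it."""
    distinct_salts = {salt for salt, _ in db.values()}
    return len(distinct_salts) * len(candidates)

def duplicate_hash_groups(db: dict) -> list:
    """Groups of users whose stored hashes are byte-for-byte identical."""
    groups = {}
    for user, (_, digest) in db.items():
        groups.setdefault(digest, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

# Constructed sample data: alice and carol chose the same password.
USERS = {"alice": "hunter2", "bob": "tr0ub4dor", "carol": "hunter2", "dave": "s3cret"}
CANDIDATES = ["123456", "password", "hunter2", "letmein", "qwerty"]

if __name__ == "__main__":
    shared = enroll_shared(USERS, b"constant-from-source")
    unique = enroll_per_user(USERS)
    for name, db in (("shared salt", shared), ("per-user salt", unique)):
        print(name, "| KDF calls:", guessing_cost(db, CANDIDATES),
              "| identical hashes:", duplicate_hash_groups(db))
```

With the shared salt the work is independent of the number of users and the duplicate password shows up in the table; with per-user salts the work scales with the user count and no two hashes match.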