The current implementation of users permission is quite limited and the granularity is poor, for instance functions like string_to_file is only authorized for dba which obliged to set dba permission for user needed to export data, whereas it could exists a FILE permission if I take inspiration from mysql.
So I guess some overhaul is needed for user permission design.