Be cautious while granting the FILE privilege to any user because the user can write a file anywhere in the filesystem with privileges of the mysqld daemon, which includes the server's data directory. However, they cannot overwrite existing files. Also, users can read any file accessible to MySQL (or the user that runs mysqld) into a database table. FILE is a global privilege, meaning you cannot restrict it to a particular database:

mysql> SHOW GRANTS;+--------------------------------------------------------------------+| Grants for company_admin@%                                         |+--------------------------------------------------------------------+| GRANT FILE ON *.* TO `company_admin`@`%`                           || GRANT SELECT, INSERT, CREATE ON `company`.* TO `company_admin`@`%` ...