
No, it is not. That's just the third of three ways that it gives in which one can arrange to inject the malicious shared library into the server process. The first and second ways do not involve FILE privilege, nor OUTFILE/DUMPFILE.



The first way involves setting "global general_log_file", which requires SUPER, which is frankly worse than having FILE. The second way ALSO involves "global general_log_file", but is incomplete because "One problem will remain however. MySQL will refuse files that do not start with a valid [section] header with the message:" It's stated that there is a workaround, but this still requires SUPER. So yeah, you may not need FILE, you just need SUPER instead, but if you are running a webapp with a mysql user that has SUPER, you are still doing it all wrong...
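An added example, not part of either comment above: a defender-side audit that reads `SHOW GRANTS` output and flags accounts holding the global privileges the thread is arguing about. The account names and grant lines are constructed sample data; `SYSTEM_VARIABLES_ADMIN` is included on the assumption that the server is MySQL 8.0, where it also permits `SET GLOBAL`.

```python
import re

# Global privileges that let an account redirect server-side file writes:
# SUPER (or SYSTEM_VARIABLES_ADMIN on MySQL 8.0) can SET GLOBAL general_log_file;
# FILE allows SELECT ... INTO OUTFILE/DUMPFILE.
RISKY = {"SUPER", "FILE", "SYSTEM_VARIABLES_ADMIN"}

GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+(?P<grantee>[^\s;]+)",
    re.IGNORECASE,
)

def risky_grants(show_grants_lines):
    """Return {grantee: sorted risky privileges} for grants made at global scope."""
    findings = {}
    for line in show_grants_lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue  # role grants, blank lines and headers have no "ON <scope>"
        if m.group("scope").replace("`", "") != "*.*":
            continue  # SUPER and FILE exist only as global (*.*) privileges
        privs = {p.strip().upper() for p in m.group("privs").split(",")}
        if privs & {"ALL", "ALL PRIVILEGES"}:
            hit = {"SUPER", "FILE"}  # ALL at global scope includes both
        else:
            hit = privs & RISKY
        if hit:
            findings.setdefault(m.group("grantee"), set()).update(hit)
    return {grantee: sorted(p) for grantee, p in findings.items()}

# Constructed SHOW GRANTS output for four hypothetical accounts.
SAMPLE = [
    "GRANT USAGE ON *.* TO 'webapp'@'10.0.0.%'",
    "GRANT SELECT, INSERT, UPDATE, DELETE ON `shop`.* TO 'webapp'@'10.0.0.%'",
    "GRANT SELECT, FILE ON *.* TO 'report'@'localhost'",
    "GRANT ALL PRIVILEGES ON *.* TO 'legacy_app'@'%' WITH GRANT OPTION",
    "GRANT SUPER ON *.* TO 'legacy_cms'@'%'",
]

if __name__ == "__main__":
    for grantee, privs in risky_grants(SAMPLE).items():
        print(f"{grantee}: {', '.join(privs)}")
```

An application account should come back empty from this check, as the constructed `webapp` user does.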



