WHM's DNS cluster permissions / security issues

Hi,

We have the following scenario:
We have a pre-existing cluster of DNS servers on three cpanel servers.
We are now getting ready to deploy a few VPS hosts, but we ran into this problem:
If we set up a VPS, enable DNS clustering, and provide root access to the customer afterwards, he can control the DNS zones of all zones in the whole cluster, not just his local VPS zones.

From my understanding it should be:
whm reseller > has control over his accounts
local root or vps root > has control over all local or all of his vps accounts
cluster manager > has control over all clustered accounts

However, there is no such thing as a cluster manager and the setup is:
whm reseller > has control over his accounts
local root or vps root > has control over all clustered accounts

So, I guess there is currently no way to enjoy the benefits of the DNS cluster on a VPS without compromising the security of the entire cluster?