Perhaps for each permission, the developer should be required to fill in a line or two indicating which features of the app rely on that particular permission. I've look at apps before and wondered to myself "why the heck do you need permission for x or y?"
That won't really help. The problem isn't asking for permissions which explaining why they're needed; the problem is what the app can do with those permissions once it has them. Sure, that social media app has a nifty feature for inviting your contacts to join, and for that it needs access to your contact list (whether you want to use the feature or not). But once it has that access it can just as easily grab all your contacts' e-mail addresses for the purpose of sending junk mail.
In most cases it's entirely possible to disable a permission in a way that won't cause the application to crash. Instead of supplying the user's real contact list, just give the app an empty list. When the app asks to connect to the Internet, pretend the device is in airplane mode or out of the service area. Never reveal that a permission was denied, since that would allow the app to refuse to work without it.
As for whether the permission should be enabled in the first place, the system should ask the user the first time the permission is used. And rather than listing what the app claims it will do with the permission, the system should list the most damaging things the app could do with it.
To fight "permission bloat", every additional permission requested by the app should also require a thorough audit by the app store (at the developer's expense) to verify that the permission is used responsibly. Someone needs to follow up on how permissions are used as a basic security precaution, and it isn't reasonable to expect users to take up that task for apps released through the app store. (Sideloading is another matter.)