For a project I’m working on, I needed to make a distinction between user types. Not the default read / write things, which are default of course, but my own set. So I went looking and found the customizable Role Definitions.
Basically, a custom role definition adds an option to the ‘manage rights’ section of your SharePoint site. So where the default options list the default roles like ‘Limited Read’, ‘Read’, ‘Contribute’, etc, you can add you own option to this. The big advantage is that you can let your site admins take care of setting those rights. No need to create custom groups or things like that.