Some easy words to understand the Change in Security Model for SharePoint 2007. The lines below will provide some basic overview of the Security in SharePoint 2007.
The way that groups and permissions interact has changed significantly from the previous version.
In the previous version, site-level groups were used to contain both users and permissions — that is, when you added a user to a site group, you automatically determined the permissions that the user was granted for a site.
In this version, the concepts of groups of users and permissions have been separated I.e.
SharePoint groups at the site collection level contain the users,
Permission levels contain the permissions, and
Groups have no permissions until
they are assigned a permission level for a specific securable object (such as a site, list or library, folder, item, or document)