Each document list will, by default, inherit the security settings of the SharePoint site. In other words, if Axel is a member of the SharePoint group Member for the site, and therefore has Contributor permissions, he will also be a contributor for any document library and list in the team site. You can break the inherited permissions, when necessary, so Axel in this example gets other permissions specifically on a library. This is true, regardless of whether the site is a WSS site or a MOSS site, contrary to how it worked in SharePoint 2003, where only WSS sites allowed you to configure different permissions for a list or library.
Not only will SharePoint 2007 allow you to set specific permissions for each list and library in a site, but you can also set specific permissions on folders within a library, and even individual documents and list items. This is also new, compared to SharePoint 2003, and opens up a lot of opportunities to set whatever security definitions needed on the content of a site.
Another possibility for controlling the permissions for individual document items is to use Microsoft's Information Rights Management (IRM) client, which is supported by both Office 2003 and Office 2007 applications. This functionality is also known as the Rights Management Service (RMS) and allows you to define security settings such as:
Axel can read the document, but only Anna can modify it.
This document cannot be printed by Axel, but can be printed by ...