These are internal and not supposed/intended to be customized, so no, we're not planning on changing these.
If you want functional flexibility with roles and nodes - i.e. more fine-grained permissions - you should look at ACLs, which ModeShape supports: http://www.day.com/specs/jcr/2.0/16_Access_Control_Management.html
Yes, I am already using ACLs. But still, the users need have (at least one of ) the three hardcoded roles regardless of what ACLs I assign to nodes, right?
My biggest problem is that the roles have very general names which are likely to conflict with existing roles used for other purposes.