In 1.16 you could set a getUserPermissionErrors or userCan hook, return 'false' from it and allow the access to an otherwise protected page.
We used it to allow users customising MediaWiki:Edittools on a personal base, i.e. MediaWiki:Edittools@UserName.
In 1.17 these parts of code were refactored and now, 'false' from these hooks doesn't mean "stop processing rights", but does mean only "stop processing right hooks". And you can't allow some action on an otherwise protected page anymore.
This is not convenient :(
See Also: T32821: Title::checkPermissionHooks docs for "return true" with "$result = false" state that user should not be allowed to proceed