Index: wp-admin/includes/user.php
===================================================================
--- wp-admin/includes/user.php	(revision 17784)
+++ wp-admin/includes/user.php	(working copy)
@@ -7,6 +7,42 @@
  */
 
 /**
+ * Sanitizes and checks for permissions when working with a role
+ * string.
+ * 
+ * @param type $role the role string to be sanitized
+ * @param type $user_id the user id to sanitize the string for
+ * @return type string
+ */
+function wp_sanitize_user_role( $role, $user_id ){
+    global $wp_roles;
+    if ( is_string( $role ) ) {
+        $r = false;
+        $new_role = sanitize_text_field( $role );
+        $potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
+        // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
+        // Multisite super admins can freely edit their blog roles -- they possess all caps.
+        if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
+                $r = $new_role;
+
+        // If the new role isn't editable by the logged-in user die with error
+        $editable_roles = get_editable_roles();
+        if ( ! empty( $new_role ) && empty( $editable_roles[$new_role] ) )
+                wp_die(__('You can&#8217;t give users that role.'));
+        
+        return $r;
+    } else {
+        //Can't do anything, so return the input
+        return $role;
+    }
+}
+
+/**
+ * Add the sanitize_user_role filter
+ */
+add_filter( 'sanitize_user_role', 'wp_sanitize_user_role', 5, 2 );
+
+/**
  * Creates a new user from the "Users" form using $_POST information.
  *
  * It seems that the first half is for backwards compatibility, but only
@@ -75,17 +111,7 @@
 		$pass2 = $_POST['pass2'];
 
 	if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
-		$new_role = sanitize_text_field( $_POST['role'] );
-		$potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
-		// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
-		// Multisite super admins can freely edit their blog roles -- they possess all caps.
-		if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
-			$user->role = $new_role;
-
-		// If the new role isn't editable by the logged-in user die with error
-		$editable_roles = get_editable_roles();
-		if ( ! empty( $new_role ) && empty( $editable_roles[$new_role] ) )
-			wp_die(__('You can&#8217;t give users that role.'));
+                $user->role = apply_filters( 'sanitize_user_role', $_POST['role'], $user_id );
 	}
 
 	if ( isset( $_POST['email'] ))
Index: wp-includes/user.php
===================================================================
--- wp-includes/user.php	(revision 17784)
+++ wp-includes/user.php	(working copy)
@@ -1341,10 +1341,10 @@
  * set the user's preference on whether they want the rich editor on.
  *
  * Most of the $userdata array fields have filters associated with the values.
- * The exceptions are 'rich_editing', 'role', 'jabber', 'aim', 'yim',
- * 'user_registered', and 'ID'. The filters have the prefix 'pre_user_' followed
- * by the field name. An example using 'description' would have the filter
- * called, 'pre_user_description' that can be hooked into.
+ * The exceptions are 'rich_editing', 'jabber', 'aim', 'yim', 'user_registered', 
+ * and 'ID'. The filters have the prefix 'pre_user_' followed by the field name. 
+ * An example using 'description' would have the filter called, 
+ * 'pre_user_description' that can be hooked into.
  *
  * The $userdata array can contain the following fields:
  * 'ID' - An integer that will be used for updating an existing user.
@@ -1506,12 +1506,12 @@
 
 		update_user_meta( $user_id, $method, $$method );
 	}
-
-	if ( isset($role) )
-		$user->set_role($role);
-	elseif ( !$update )
-		$user->set_role(get_option('default_role'));
-
+        
+	if ( isset( $role ) ) 
+                do_action( 'apply_user_role' , apply_filters( 'pre_user_role', $role ), $user );
+        elseif ( !$update )
+                do_action( 'apply_user_role' , get_option('default_role'), $user );
+        
 	wp_cache_delete($user_id, 'users');
 	wp_cache_delete($user_login, 'userlogins');
 
@@ -1524,6 +1524,23 @@
 }
 
 /**
+ * Hooks into the apply_user_role action to set the users role
+ * 
+ * @param type $role the role to set
+ * @param type $user the user to set the role on
+ */
+function wp_apply_user_role( $role, $user ) {
+    if ( is_string( $role ) ) {
+        $user->set_role($role);
+    }
+}
+
+/**
+ * Register the action for the apply_user_role hook
+ */
+add_action( 'apply_user_role', 'wp_apply_user_role', 5, 2);
+
+/**
  * Update an user in the database.
  *
  * It is possible to update a user's password by specifying the 'user_pass'