Hi Orna ,
from the same note
"The relevant authorizations for maintaining users and user profiles are necessary for copying user master data and user profiles"
Hence believe for copying as well we need the S_TABU* authorizations
S_TABU* authorizations are required for the user performing the client copy and the RFC user used in the source .
Thanks ,
Manu