Here's an example. User B owns the file "shared_stuff", and it is assigned to the group "sharing".
The members of "sharing" are users A and C.
If user B sets the permissions to 060, then only users A and C can read and write the file. Nobody else. Not even user B, since he is not a member of the group.
(Yes, if User B has write/execute access to the directory that links to the file, he can rename or delete the directory entry. If that link is the last hard link to the file, the file will be deleted, the inode will be freed. But he can't read or write the data in the file.)
UserB:
Code:
$ grep sharing /etc/group
sharing:*:1020:userA,userC
$ ls -l shared_stuff
----rw---- userB sharing 13 Sep 30 13:38 shared_stuff
$ cat shared_stuff
cat: shared_stuff Permission denied
UserA:
Code:
$ cat shared_stuff
sharing data
$