Hi,
You can do this with ACL (Access Control Lists), but that's probably too elaborate for what you have in mind (
http://www.suse.de/~agruen/acl/linux-acls/online/ Not SuSe bound.... feed google for loads of info).
Can't you do something like this:
Filename: test.file.01
Owner : user_01
Group : bar
Perms: 640 (rw-r----)
user_01 has primery gid: foo
user_02 is member of group bar (does not have to be primary)
user_01 can rw the file (because of ownership, not the foo group.)
user_02 can read the file (he's member of the bar group.)
Maybe I oversimplified this, but hope it helps.
