hmm..I'm not a permissions pro (yet, at least) and I'm kind of a busy now, but one thing that came to my mind was this:
you create dir for the user, make it's permissions so that the user can reside in it (owner or so), and s/he cannot go "outside" it (a bit like home directories, but more strictly so the user doesn't have permissions to read /usr/bin and so on, either...dunno why you'd like to do this, though, because then s/he wouldn't be able to do anything...that is, if s/he only had read permissions to that one single dir). anyway.
then you would make some files readable/writeable by that user, with a new group or something, whatever you wish. put the files inside a dir that the user has no access to..so he can't straight open the file. then you would create a symlink to that single file, inside the user's dir, so that the user would have permissions to the symlink and to the file through it... (I have no idea if this works, if the user cannot read the directory the actual file is in).
so the user would use the files through symlinks. I have really no idea if this works (so I guess it doesnt
hehe), but try it out if you can't figure anything else out.