Here's one idea.
Originally Posted by kapuze
1. Create a new system user with no shell
2. Make the password file owned by that user
sudo useradd -r -s /bin/false <User A>
3. Make the password file readable only by that user
sudo chown <User A>: <passwd_file>
4. Change the owner of the application file. The colon below is important.
sudo chmod 700 <passwd_file>
5. Ensure the application has the correct world permissions
sudo chown <User A>: application
That way you have locked down the password file to the superuser and the owner (User A) of that file.
sudo chmod 755 <application>
That owner will be the application as it will be the only user with that user name.
User B will be able to run the application as it has world execute privileges.
User account B will still be able to use cat etc but not on that password file as only the owner can read it.
Is that what you want ?
BTW: Double check all the switch in the commands i have entered above.
EDIT: I had to edit this.
My excuse ? It's been a long week