User groups allow easier access control maintenance, as users with
similar permissions can be administered together once rather than
separately several times. The special group Everyone always
exists and cannot be edited; it always contains all users as a
convenience.
User groups may contain other groups as well as users, allowing
complex hierarchies to be created if needed. Permissions for a user
are affected by all groups a user is directly or indirectly a member
of. For example, if user Amy is in group Programmers, and
group Programmers is in group IT, then Amy is also
indirectly a member of IT, and her permissions are affected by
those granted to not only herself and Programmers but IT
as well.