18.1. The PostgreSQL User Account
As with any server daemon that is accessible to the outside world,
it is advisable to run
PostgreSQL
under a
separate user account. This user account should only own the data
that is managed by the server, and should not be shared with other
daemons. (For example, using the user
nobody
is a bad
idea.) It is not advisable to install executables owned by this
user because compromised systems could then modify their own
binaries.
To add a Unix user account to your system, look for a command
useradd
or
adduser
. The user
name
postgres
is often used, and is assumed
throughout this book, but you can use another name if you like.