As with any server daemon that is accessible to the outside world,
   it is advisable to run PostgreSQL under a
   separate user account. This user account should only own the data
   that is managed by the server, and should not be shared with other
   daemons. (For example, using the user nobody is a bad
   idea.) It is not advisable to install executables owned by this
   user because compromised systems could then modify their own
   binaries.
  
   To add a Unix user account to your system, look for a command
   useradd or adduser. The user
   name postgres is often used, and is assumed
   throughout this book, but you can use another name if you like.