superuser authentication?

I'm setting up postgresql (8.1) on what I hope to be a very secure server
(SUSE Linux 10.1).

Only authentication allowed by anyone is 'local' (unix-domain sockets).

Most users I plan on authenticating by PASSWORD (web connections are made to
an apache webserver over SSL; the actual postgresql connections are
themselves all local via pg_connect).

What I'm not sure about is how to authenticate the postgresql superuser
(user 'postgres' on my system).  I'm considering:

1.  Using ident (supposedly secure because of the SO_PEERCRED mechanism; and
I've made a lot of effort to secure the server at the OS level)
2.  Using password (_not_ stored on disk in e.g. pgpass)
3.  Using reject

My questions:
* Is 3 overly paranoid in the context of a production server?
* Would 2 or 3 hobble some kind of daemons?  (A cursory search led me to
think that maybe pg_autovacuum wouldn't work, and I'm not sure if there are
other such daemons.)
* If the choice came down to 1 vs 2, is there much argument for one over the
other in terms of security?  (I realize that there might not be a clear
answer to that.)

TIA