> The postmaster and backend can and should refuse to run with an
> effective Unix userid of 0 (root), but that doesn't mean that
> a Postgres ID of 0 is insecure, does it?
The usual setup has the Postgres ID same as the unix id, thus
0 would be reserved for root.
I think this setup has the advatage, that we could someday issue
setuid() calls for "dba and untrusted stored procedures", which would
imho be a very handy feature.
Andreas