Why do databases require a separate user account when installing?

When I install PostgreSQL in Mac OS, I need to create a user named "postgres' in order to install the DB. I think the same thing applies 开发者_开发百科for many other DBs in Unix. So what is the reason that we need a new user for installation?

Because it's good idea to run different things as different users so that if somebody breaks in through a security hole in one program they are limited in what they can do to the things that the user for that particular service can do.

PostgreSQL doesn't require special account. It can be any, as long as it's not root. You can run Postgres instance on your own user, or any other.

Most installations do create or require some "postgres" user because of security - running as the same user as webserver would be rather bad idea.

Because in the traditional *nix security model, what a program is allowed to do is defined by the user that program is running as.

There are also security subsystems (e.g: Selinux, SMACK, RSBAC ...), where what a program is allowed to do is typically defined by explicit rules controlled by the Security Administrator.