Systemd has a bug where user names starting with a digit cause the user daemon to run with root privileges. According to the creator of systemd, this is not a bug and everything is fine. The reason everything is fine is because names like this, which are explicitly permitted by the base standards, are forbidden and tools shouldn't allow creating these names, so it's a bug in the tools for permitting names permitted by the standard.
Fsck systemd.
@jgoguen Yeah, it's a bug which should probably be fixed (hopefully Poettering will come to that decision, too).
Nevertheless it's not the end of the world: You need a root user to create a service file with an invalid user name first and then have the admin not read the logs after this.
@schmittlauch Never have I ever convinced an admin to install a package without checking the contents nor the post-install scripts ;)
Also never have I ever seen an admin who doesn't even know where to look for various logs…
