Use /usr/sbin/adduser to add new user. By convention,
the username is the same as the program. For example,
named would have a username and groupname of named, or
bind.
# named -u bind -u bind
When using this the program still starts as root, but
the child processes run as user 'bin'. Under some
DOS (Denial of Service) attacks the child processes
die, but the root process lives.