The 'nobody' user that's running the daemon has zero privileges on the machine. It's usually reserved for untrusted daemons like httpd, etc.
https://wiki.ubuntu.com/nobody
It's really just a convention for a user that has minimal permissions on the system so that if you get hacked, there is less potential for damage. This may or not be the case (lots of root escalations happen with the nobody user), but it's good best practice anyway.