Doesn't mean I want systemd silently escalating my process to root when I think I've told it to contain privileges of the process to a specific userid. Clearly the correct behavior for such a program is to throw an error if it is rejecting a username for ANY reason, even when that reason is supported by stilted reasoning.
What is going on here is that an admin thinks he has shored up the service defined in the service file, because hey, it runs. Only to later have the server 0wned because apparently it was running as root the whole time...