I do like PostgreSQL (a lot) too. However, such a recommendation more or less means: do not trust RDBMS implementations for security in their database software.
(Not even mentioning database applications security - usually not even relying on database-level user ids.)
Well, if your data does not deserve security, does it really deserve an RDBMS? I'd rather the Pg team *simply* acknowledge that they are sometimes making mistakes and handling them responsibly (as they did). That makes them more trustable and differentiates them a lot from other RDBMS implementations (esp. proprietary ones).
On the contrary, such comments do not make them more trustable in the eyes of actual security-conscious users. IMHO, database administrators should first find what is good for the host system security by themselves - not following random advice from the Internet (even if coming from the RDBMS developers themselves).