Sounds legit to me. Padman could be seen as a separate Unix system or the programs to live in, and therefore would have its own set of user and group IDs. As long as the created files have permissions that are different from The host permissions and they will still be inaccessible without some permission manipulation.