Prevent users from killing processes that they own

Start a command as a different user is usually done with su, sudo or by setting the setuid bit in the permissions of the executable.

You do not want to have executables run as root unless they absolutely need to, as that user has all priviledges. If those processes don't need any priviledge, you can make them run as "nobody" which is the user whom we try to grant the least prviledges as possible.

A user has always the right to kill its own processes (as long as it's got access to the kill system call), or said otherwise, a process of a given effective uid has always the right to send a signal to a process running as the same effective uid.