It's not a good idea to use Interactive User. You can't be sure who will be logged in.
You are correct but look at the bold writing...
You can set it as the Interactive User which means that the component inherits the rights of the user currently logged in the machine where the component resides. Or you can choose to give it an explicit User Name and Password should the Interactive User not have sufficient rights.
Yes, that's exactly what you should do. Create a special user account just for the COM+ application.
I don't know about the "exactly" part. I guess it would all depend on the situation. High Security would definately require a specific account with only the necessary rights needed to get complete the job. However, in a development environment you already have enough problems trying to debug a COM+ component written in VFP let alone having to deal with security issues on top of it. I think you can relax during development and tighten up security as needed on a live system.