Comment 3 for bug 672953

It seems that this was partly my mistake, as the permissions of the fifo file were wrong. But this means that rsyslog opened the fifo before dropping privileges and was thus able to open it as root. When the HUP signal is sent, reopening the fifo fails because rsyslog is no longer run as root.

This is a known issue, and there's more info here: http://wiki.rsyslog.com/index.php/Security#Dropping_Privileges. It seems that the privilege dropping has not been implemented in a very secure manner.