In order to make logrotate more robust against manipulated
log directories logrotate was changed to

* add a "su" config option which makes logrotate run
partially as the specified user
* run external helpers like log file compressors as the
user configured with the "su" option
* issue a warning for log directories writable by non-root
users
* not follow symlinks when rotating logs