The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because