Description of the problem: Actually, rsyslogd is running with full set of capabilities. Whilst it's possible for rsyslog to drop privileges by impersonating as another user and/or group after startup, there are some modules that explicitly require root user rights. Thus, it's necessary to drop the capabilities to only the necessary set, to minimize security exposure in case there was ever a mistake in a networking plugin or some other input resource. The change should be done directly in the code with libcap-ng as rsyslog has many optional modules and some of them require additional capabilities.
FEDORA-2022-9ecb6fb031 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2022-9ecb6fb031
FEDORA-2022-9ecb6fb031 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.