No, package managers should just remove the setuid bit before unlinking the file.
This doesn't affect running programs. It does affect someone who starts to run the program at the moment that the suid bit is removed, but this is already a problem during package upgrades (the file is temporarily removed, so attempts to run it can fail briefly).
It's actually possible that package managers do this correctly already, since this problem is very old and well-known.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds