Debian often removes these kind of binaries by patching the upstream tarball. When they are not used, that should be quite easy anyway. That's why the attacker put the statement in the first place. It increases the chance that distributions will accept these.