diff --git a/debian/security-misc.postinst b/debian/security-misc.postinst
index a3fa5f2..5e83b03 100644
--- a/debian/security-misc.postinst
+++ b/debian/security-misc.postinst
@@ -15,7 +15,7 @@ true "
 #####################################################################
 "
 
-permission_hardening_legacy() {
+permission_hardening_legacy_state_files() {
     if test -d /var/lib/permission-hardener ; then
         return 0
     fi
@@ -25,6 +25,13 @@ permission_hardening_legacy() {
     mv --verbose /var/lib/permission-hardening /var/lib/permission-hardener
 }
 
+permission_hardening_legacy_config_folder() {
+    if ! test -d /etc/permission-hardening.d ; then
+        return 0
+    fi
+    rmdir --verbose --ignore-fail-on-non-empty /etc/permission-hardening.d || true
+}
+
 permission_hardening() {
     echo ""
     echo "Running SUID Disabler and Permission Hardener... See also:"
@@ -69,7 +76,8 @@ esac
 pam-auth-update --package
 
 /usr/libexec/security-misc/permission-lockdown
-permission_hardening_legacy
+permission_hardening_legacy_state_files
+
 permission_hardening
 
 ## https://phabricator.whonix.org/T377
@@ -92,6 +100,8 @@ true "INFO: debhelper beginning here."
 
 true "INFO: Done with debhelper."
 
+permission_hardening_legacy_config_folder
+
 true "
 #####################################################################
 ## INFO: END  : $DPKG_MAINTSCRIPT_PACKAGE $DPKG_MAINTSCRIPT_NAME $@