The hudson debian package postinst script has a find command which chowns files in /var/lib/hudson to the hudson user. The find command as currently written follows symlinks, which means if there are symlinks to system files (like are frequently found in python virtualenv build environments), the dpkg process, which runs as root, winds up chowning files in system locations (like /usr/lib/python) to be owned by hudson.

This is obviously uncool.

I've got a patch which fixes it - will submit a pull request in just a sec.