--- kern_exec.c.orig	Mon Nov 29 23:02:07 2004
+++ kern_exec.c	Mon Nov  29 23:04:06 2004
@@ -189,21 +189,25 @@ check_exec(p, epp, flag)
 	 * Check trusted path.
 	 */
 	if (security_tpe) {
+		/*
+		 * We can't use trusted() when trust list is
+		 * disabled, do an explicit suser().
+		 */
+		if (((security_trust_gid == TRUST_INVAL) &&
+		    suser(p, 0)) || !trusted(p)) {
+			goto skip_tpe;
+		}
+
 		if ((error = VOP_GETATTR(ndp->ni_dvp, &tpe_attr,
 		    p->p_ucred, p)))
 			goto bad2;
 
 		if (!TRUSTED_PATH(tpe_attr)) {
-			/*
-			 * We can't use trusted() when trust list is
-			 * disabled, do an explicit suser().
-			 */
-			if (((security_trust_gid == TRUST_INVAL) &&
-			    suser(p, 0)) || !trusted(p)) {
-				error = EPERM;
-				goto bad2;
-			}
+			error = EPERM;
+			goto bad2;
 		}
+
+skip_tpe:
 	}
 
 	/*
@@ -411,7 +415,8 @@ sys_execve(p, v, retval)
 		 * the file's in and skip it if needed.
 		 */
 		vhe = vexec_lookup(attr.va_fsid, attr.va_fileid);
-		if ((vhe == NULL) || (vhe->vhe_type != VEXEC_INDIRECT)) {
+		if ((vhe == NULL) || (vhe->vhe_type == VEXEC_DIRECT) ||
+		    trusted(p)) {
 			goto skip_trusted_args;
 		}
 
@@ -420,10 +425,11 @@ sys_execve(p, v, retval)
 
 		error = namei(&tpe_nid);
 		if (error) {
-			if (error != ENOENT) {
+			if ((error != ENOENT) && (error != ENAMETOOLONG)) {
 				printf("sys_execve: TPE: Couldn't"
 				    " lookup vnode for argument. "
 				    "Failing execution.\n");
+
 				goto bad;
 			}