checkpath should respect --user and/or --owner for symlink ownership

[sevmonster]

In checkpath, symbolic links in the path are tested to see if they are owned by root. I am not sure I understand why this is, especially when the owner of the target path can be specified, and moreso now when user mode exists (-U). It seems very likely that there could be a link in the path not owned by root in one of the latter two cases, so why is this hardcoded for all situations?

Sure, when running root-owned or other privileged services, this could help with security, as a non-root link could be abused by its owner to change where it points. But it's just as possible a service could have links in its own directory that it manages, and when running in user mode, having something owned by root in a user's home directory would be strange to begin with—any links are probably going to be owned by the user.

In my particular case, I am trying to test if a path exists from within a user init script, and the path contains a symbolic link inside the user's home directory that points to mounted storage. All paths involved are owned by the user, and checkpath bails because of it before it can do anything.

I think ownership should be compared with a list. System services without checkpath -o should check if the link is owned by root. Specifying -o adds that user to the list. -U should add the running user. At max you could have 3 potential owners with both -U and -o.