Index: gnu/ext2fs/ext2_vnops.c =================================================================== RCS file: /private/FreeBSD/src/sys/gnu/ext2fs/ext2_vnops.c,v retrieving revision 1.82 diff -u -p -u -p -r1.82 ext2_vnops.c --- gnu/ext2fs/ext2_vnops.c 11 Mar 2004 16:33:10 -0000 1.82 +++ gnu/ext2fs/ext2_vnops.c 24 Mar 2004 23:10:21 -0000 @@ -46,8 +46,6 @@ * $FreeBSD: src/sys/gnu/ext2fs/ext2_vnops.c,v 1.82 2004/03/11 16:33:10 phk Exp $ */ -#include "opt_suiddir.h" - #include #include #include @@ -1216,8 +1214,7 @@ ext2_mkdir(ap) goto out; ip = VTOI(tvp); ip->i_gid = dp->i_gid; -#ifdef SUIDDIR - { + if (suiddir_enable) { /* * if we are hacking owners here, (only do this where told to) * and we are not giving it TOO root, (would subvert quotas) @@ -1233,10 +1230,9 @@ ext2_mkdir(ap) } else { ip->i_uid = cnp->cn_cred->cr_uid; } + } else /* if (!suiddir_enable) */ { + ip->i_uid = cnp->cn_cred->cr_uid; } -#else - ip->i_uid = cnp->cn_cred->cr_uid; -#endif ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; ip->i_mode = dmode; tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ @@ -1806,8 +1802,7 @@ ext2_makeinode(mode, dvp, vpp, cnp) } ip = VTOI(tvp); ip->i_gid = pdir->i_gid; -#ifdef SUIDDIR - { + if (suiddir_enable) { /* * if we are * not the owner of the directory, @@ -1824,10 +1819,9 @@ ext2_makeinode(mode, dvp, vpp, cnp) } else { ip->i_uid = cnp->cn_cred->cr_uid; } + } else /* if (!suiddir_enable) */ { + ip->i_uid = cnp->cn_cred->cr_uid; } -#else - ip->i_uid = cnp->cn_cred->cr_uid; -#endif ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; ip->i_mode = mode; tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ Index: kern/vfs_mount.c =================================================================== RCS file: /private/FreeBSD/src/sys/kern/vfs_mount.c,v retrieving revision 1.121 diff -u -p -u -p -r1.121 vfs_mount.c --- kern/vfs_mount.c 16 Mar 2004 08:59:36 -0000 1.121 +++ kern/vfs_mount.c 24 Mar 2004 23:13:54 -0000 
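Review bot: In the ext2_mkdir hunks (@@ -1216,8 +1214,7 and @@ -1233,10 +1230,9) the fallback `ip->i_uid = cnp->cn_cred->cr_uid;` now exists twice, once in the pre-existing inner `else` and once in the new `} else /* if (!suiddir_enable) */ {` branch. The owner given to a new inode is a security decision, so one fallback path is easier to audit than two. Adding `suiddir_enable &&` as the first operand of the inner give-away test would let the existing `else` serve both cases and make the new outer branch unnecessary. That test sits between the two hunks and is not shown, so this assumes it has no side effects. The ext2_makeinode hunks (@@ -1806,8 +1802,7 and @@ -1824,10 +1819,9) have the same shape.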
@@ -93,6 +93,7 @@ __FBSDID("$FreeBSD: src/sys/kern/vfs_mou #include "opt_rootdevname.h" #include "opt_ddb.h" #include "opt_mac.h" +#include "opt_suiddir.h" #ifdef DDB #include @@ -112,6 +113,14 @@ static int vfs_mountroot_try(char *mount static int usermount = 0; /* if 1, non-root can mount fs. */ SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); +SYSCTL_DECL(_security_bsd); +#ifdef SUIDDIR +int suiddir_enable = 1; +#else +int suiddir_enable = 0; +#endif +SYSCTL_INT(_security_bsd, OID_AUTO, suiddir_enable, CTLFLAG_RW, + &suiddir_enable, 0, "Made use of suiddir option as described in mount(8)"); MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); Index: modules/ext2fs/Makefile =================================================================== RCS file: /private/FreeBSD/src/sys/modules/ext2fs/Makefile,v retrieving revision 1.4 diff -u -p -u -p -r1.4 Makefile --- modules/ext2fs/Makefile 16 May 2002 19:08:03 -0000 1.4 +++ modules/ext2fs/Makefile 24 Mar 2004 23:13:19 -0000 @@ -2,7 +2,7 @@ .PATH: ${.CURDIR}/../../gnu/ext2fs KMOD= ext2fs -SRCS= opt_ddb.h opt_quota.h opt_suiddir.h vnode_if.h \ +SRCS= opt_ddb.h opt_quota.h vnode_if.h \ ext2_alloc.c ext2_balloc.c ext2_bmap.c ext2_ihash.c ext2_inode.c \ ext2_inode_cnv.c ext2_linux_balloc.c ext2_linux_ialloc.c \ ext2_lookup.c ext2_subr.c ext2_vfsops.c ext2_vnops.c Index: modules/ufs/Makefile =================================================================== RCS file: /private/FreeBSD/src/sys/modules/ufs/Makefile,v retrieving revision 1.2 diff -u -p -u -p -r1.2 Makefile --- modules/ufs/Makefile 23 Jun 2003 19:41:00 -0000 1.2 +++ modules/ufs/Makefile 24 Mar 2004 23:12:50 -0000 
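Review bot: In the vfs_mount.c hunk at @@ -112,6 +113,14 the new `security.bsd.suiddir_enable` knob is declared with plain `CTLFLAG_RW`, so a policy that decides who owns newly created files can be flipped at any time by whoever may set sysctls. The compile-time `SUIDDIR` option used to make this choice immutable at runtime. Consider `CTLFLAG_RW | CTLFLAG_SECURE` so the value is frozen once the securelevel has been raised. The description string would also read better as `"Make use of the suiddir option as described in mount(8)"`.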
@@ -4,7 +4,7 @@ KMOD= ufs SRCS= opt_ddb.h opt_directio.h opt_ffs.h opt_ffs_broken_fixme.h opt_mac.h \ - opt_quota.h opt_suiddir.h opt_ufs.h \ + opt_quota.h opt_ufs.h \ vnode_if.h ufs_acl.c ufs_bmap.c ufs_dirhash.c ufs_extattr.c \ ufs_ihash.c ufs_inode.c ufs_lookup.c ufs_quota.c ufs_vfsops.c \ ufs_vnops.c ffs_alloc.c ffs_balloc.c ffs_inode.c ffs_snapshot.c \ Index: sys/mount.h =================================================================== RCS file: /private/FreeBSD/src/sys/sys/mount.h,v retrieving revision 1.155 diff -u -p -u -p -r1.155 mount.h --- sys/mount.h 16 Mar 2004 08:59:37 -0000 1.155 +++ sys/mount.h 24 Mar 2004 23:08:31 -0000 @@ -387,6 +387,7 @@ MALLOC_DECLARE(M_MOUNT); extern int maxvfsconf; /* highest defined filesystem type */ extern int nfs_mount_type; /* vfc_typenum for nfs, or -1 */ extern struct vfsconf *vfsconf; /* head of list of filesystem types */ +extern int suiddir_enable; /* suiddir policy */ /* * Operations supported on mounted filesystem. Index: ufs/ufs/ufs_vnops.c =================================================================== RCS file: /private/FreeBSD/src/sys/ufs/ufs/ufs_vnops.c,v retrieving revision 1.238 diff -u -p -u -p -r1.238 ufs_vnops.c --- ufs/ufs/ufs_vnops.c 11 Mar 2004 18:50:33 -0000 1.238 +++ ufs/ufs/ufs_vnops.c 24 Mar 2004 23:11:55 -0000 @@ -43,7 +43,6 @@ __FBSDID("$FreeBSD: src/sys/ufs/ufs/ufs_ #include "opt_mac.h" #include "opt_quota.h" -#include "opt_suiddir.h" #include "opt_ufs.h" #include @@ -1383,8 +1382,7 @@ ufs_mkdir(ap) ip = VTOI(tvp); ip->i_gid = dp->i_gid; DIP(ip, i_gid) = dp->i_gid; -#ifdef SUIDDIR - { + if (suiddir_enable) { #ifdef QUOTA struct ucred ucred, *ucp; ucp = cnp->cn_cred; 
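Review bot: In the ufs_mkdir hunk at @@ -1383,8 +1382,7 the stack credential `struct ucred ucred, *ucp;` is declared without an initializer, and it is now compiled into every kernel built with QUOTA rather than only into SUIDDIR kernels. The code that fills it in is outside the hunk. If that code sets only some fields before the structure is used, adding `bzero(&ucred, sizeof(ucred));` right after the declarations would keep stale kernel-stack contents out of a credential. A short comment on the declaration saying what the temporary credential is for would also help. The same declaration appears in the ufs_makeinode hunk at @@ -2390,8 +2387,7.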
@@ -1430,19 +1428,18 @@ ufs_mkdir(ap) return (error); } #endif - } -#else /* !SUIDDIR */ - ip->i_uid = cnp->cn_cred->cr_uid; - DIP(ip, i_uid) = ip->i_uid; + } else /* if (!suiddir_enable) */ { + ip->i_uid = cnp->cn_cred->cr_uid; + DIP(ip, i_uid) = ip->i_uid; #ifdef QUOTA - if ((error = getinoquota(ip)) || - (error = chkiq(ip, 1, cnp->cn_cred, 0))) { - UFS_VFREE(tvp, ip->i_number, dmode); - vput(tvp); - return (error); - } + if ((error = getinoquota(ip)) || + (error = chkiq(ip, 1, cnp->cn_cred, 0))) { + UFS_VFREE(tvp, ip->i_number, dmode); + vput(tvp); + return (error); + } #endif -#endif /* !SUIDDIR */ + } ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; #ifdef UFS_ACL acl = dacl = NULL; @@ -2390,8 +2387,7 @@ ufs_makeinode(mode, dvp, vpp, cnp) ip = VTOI(tvp); ip->i_gid = pdir->i_gid; DIP(ip, i_gid) = pdir->i_gid; -#ifdef SUIDDIR - { + if (suiddir_enable) { #ifdef QUOTA struct ucred ucred, *ucp; ucp = cnp->cn_cred; @@ -2436,19 +2432,18 @@ ufs_makeinode(mode, dvp, vpp, cnp) return (error); } #endif - } -#else /* !SUIDDIR */ - ip->i_uid = cnp->cn_cred->cr_uid; - DIP(ip, i_uid) = ip->i_uid; + } else /* if (!suiddir_enable) */ { + ip->i_uid = cnp->cn_cred->cr_uid; + DIP(ip, i_uid) = ip->i_uid; #ifdef QUOTA - if ((error = getinoquota(ip)) || - (error = chkiq(ip, 1, cnp->cn_cred, 0))) { - UFS_VFREE(tvp, ip->i_number, mode); - vput(tvp); - return (error); - } + if ((error = getinoquota(ip)) || + (error = chkiq(ip, 1, cnp->cn_cred, 0))) { + UFS_VFREE(tvp, ip->i_number, mode); + vput(tvp); + return (error); + } #endif -#endif /* !SUIDDIR */ + } ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; #ifdef UFS_ACL acl = NULL;
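Review bot: The new `} else /* if (!suiddir_enable) */ {` branch in ufs_mkdir (@@ -1430,19 +1428,18) carries its own copy of the `getinoquota()`/`chkiq()` check with the `UFS_VFREE(); vput(); return (error);` cleanup. The context lines just above it suggest the suiddir branch ends with a matching copy that starts outside the hunk. Two copies of a quota-enforcement path can drift apart, so if they differ only in the credential passed to `chkiq()`, a single check after the if/else would be easier to audit. Failing that, a comment such as `/* Keep in sync with the quota check in the suiddir branch above. */` on the new copy records the coupling. The ufs_makeinode hunk at @@ -2436,19 +2432,18 has the same structure.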