Pretend that there is some security when executing in direct mode.

Do not allow direct exec if we the process is suid. Try to follow Unix
permission checks for DACs, ignore ACLs.

Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D10750