Why does root lose permission to run the first-level symlink /bin/planet and the second-level symlink /tmp/earth, but not the final symlink target /tmp/sun? An ordinary user has no problem running all three of them:
xiaobai@dnxb:~/note$ echo -e '#!/bin/bash\necho "hack the planet"' > /tmp/earth
xiaobai@dnxb:~/note$ chmod +x /tmp/earth
xiaobai@dnxb:~/note$ sudo ln -s /tmp/earth /bin/planet
xiaobai@dnxb:~/note$ sudo file /bin/planet
/bin/planet: symbolic link to /tmp/earth
xiaobai@dnxb:~/note$ sudo ls -la /bin/planet
lrwxrwxrwx 1 root root 10 Oct 18 18:55 /bin/planet -> /tmp/earth
xiaobai@dnxb:~/note$ planet
hack the planet
xiaobai@dnxb:~/note$ echo -e '#!/bin/bash\necho crack the planet' > /tmp/sun
xiaobai@dnxb:~/note$ chmod +x /tmp/sun
xiaobai@dnxb:~/note$ rm /tmp/earth
xiaobai@dnxb:~/note$ ln -s /tmp/sun /tmp/earth
xiaobai@dnxb:~/note$ ls -la /bin/planet
lrwxrwxrwx 1 root root 10 Oct 18 18:55 /bin/planet -> /tmp/earth
xiaobai@dnxb:~/note$ sudo ls -la /bin/planet
lrwxrwxrwx 1 root root 10 Oct 18 18:55 /bin/planet -> /tmp/earth
xiaobai@dnxb:~/note$ file /bin/planet
/bin/planet: symbolic link to /tmp/earth
xiaobai@dnxb:~/note$ sudo file /bin/planet
/bin/planet: broken symbolic link to /tmp/earth
xiaobai@dnxb:~/note$ planet
crack the planet
xiaobai@dnxb:~/note$ sudo planet
sudo: unable to execute /bin/planet: Permission denied
xiaobai@dnxb:~/note$
xiaobai@dnxb:~/note$ sudo /tmp/earth
sudo: unable to execute /tmp/earth: Permission denied
xiaobai@dnxb:~/note$ sudo /tmp/sun
crack the planet
xiaobai@dnxb:~/note$ /tmp/sun
crack the planet
xiaobai@dnxb:~/note$ /tmp/earth
crack the planet
xiaobai@dnxb:~/note$ stat /tmp/earth
File: '/tmp/earth' -> '/tmp/sun'
Size: 8 Blocks: 0 IO Block: 4096 symbolic link
Device: 807h/2055d Inode: 29 Links: 1
Access: (0777/lrwxrwxrwx) Uid: ( 1000/ xiaobai) Gid: ( 1000/ xiaobai)
Access: 2016-10-18 18:59:15.949297618 +0800
Modify: 2016-10-18 18:56:56.849295531 +0800
Change: 2016-10-18 18:56:56.849295531 +0800
Birth: -
xiaobai@dnxb:~/note$ stat /tmp/sun
File: '/tmp/sun'
Size: 34 Blocks: 8 IO Block: 4096 regular file
Device: 807h/2055d Inode: 30 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 1000/ xiaobai) Gid: ( 1000/ xiaobai)
Access: 2016-10-18 18:59:36.489297926 +0800
Modify: 2016-10-18 18:56:45.253295357 +0800
Change: 2016-10-18 18:56:49.377295419 +0800
Birth: -
xiaobai@dnxb:~/note$
The only difference in the stat output is the l, which is normal because it's a symlink. So what's the real reason root loses permission on everything except the final symlink target?
Another weird thing is that sudo file /bin/planet says it's a broken symlink, but file /bin/planet (as an ordinary user) says it's a symbolic link to /tmp/earth.
[UPDATE]
After I ran sudo sysctl -w fs.protected_symlinks=0, there is no such problem anymore.
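The following is an added example, not part of the original question or of any answer to it. It models the fs.protected_symlinks rule in userland so the decision the kernel makes for each link in the chain above can be checked without toggling the sysctl. The rule (from the kernel's Documentation/sysctl/fs.txt) is: inside a sticky, world-writable directory a symlink is followed only if the follower's uid matches the link owner's uid, or the directory owner's uid matches the link owner's uid; outside such directories there is no restriction. Applied to the post: /bin/planet sits in /bin (mode 755, not sticky), so both users may follow it; /tmp/earth sits in /tmp (mode 1777, owned by root) but is owned by uid 1000, so uid 1000 may follow it while uid 0 may not, and the walk fails with EACCES, which is the "Permission denied" sudo prints. The same refusal is what root's file(1) hits when it stats the target through the link, hence "broken symbolic link". The file modes are irrelevant, which is why stat shows nothing unusual. The script assumes GNU stat and readlink; the function and variable names are mine, and it only examines the chain of links at the final path component, not symlinked parent directories.

```shell
#!/bin/sh
# Added example (not from the original post): a userland model of the
# fs.protected_symlinks decision, plus a walker that applies it to a real path.
# Assumes GNU stat/readlink (Linux). Needs no root: it only models the check.

# may_follow_link FOLLOWER_UID LINK_UID DIR_UID DIR_MODE
#   DIR_MODE is the octal mode as printed by `stat -c %a` (e.g. 1777, 755).
#   Returns 0 if the kernel (protected_symlinks=1) would follow the link,
#   1 if the path walk would fail with EACCES ("Permission denied").
may_follow_link() {
    follower_uid=$1 link_uid=$2 dir_uid=$3 dir_mode=$4
    # Pad to four octal digits as a string ("755" -> "0755"): the first digit
    # carries the sticky bit (1), the last digit carries other-write (2).
    m=$dir_mode
    while [ ${#m} -lt 4 ]; do m=0$m; done
    special=${m%???}
    other=${m#???}
    if [ $(( special & 1 )) -eq 0 ] || [ $(( other & 2 )) -eq 0 ]; then
        return 0        # not a sticky world-writable dir: no restriction at all
    fi
    [ "$follower_uid" -eq "$link_uid" ] && return 0   # follower owns the link
    [ "$dir_uid" -eq "$link_uid" ] && return 0        # dir owner owns the link
    return 1
}

# check_chain PATH [FOLLOWER_UID]
#   Follows PATH link by link (final component only), printing the decision
#   for each hop. Returns 1 at the first link the follower could not traverse.
#   FOLLOWER_UID defaults to the current user; pass 0 to see what root gets.
check_chain() {
    p=$1 follower=${2:-$(id -u)}
    while [ -L "$p" ]; do
        dir=$(dirname -- "$p")
        link_uid=$(stat -c %u -- "$p")    # stat without -L reports the link itself
        dir_uid=$(stat -c %u -- "$dir")
        dir_mode=$(stat -c %a -- "$dir")
        next=$(readlink -- "$p")
        case $next in /*) ;; *) next=$dir/$next ;; esac   # resolve relative targets
        if may_follow_link "$follower" "$link_uid" "$dir_uid" "$dir_mode"; then
            echo "follow  $p -> $next  (link uid $link_uid; $dir uid $dir_uid mode $dir_mode)"
        else
            echo "REFUSE  $p -> $next  (uid $follower is not link owner $link_uid, and $dir owner $dir_uid is not either)"
            return 1
        fi
        p=$next
    done
    echo "final   $p"
    return 0
}

# Usage: sh protected_symlinks.sh /bin/planet 0   (what root sees for the post's chain)
if [ -n "$1" ]; then
    check_chain "$1" "${2:-$(id -u)}"
fi
```

Run it as `sh protected_symlinks.sh /bin/planet 0` on a box set up like the post and it reports "follow" for /bin/planet and "REFUSE" for /tmp/earth; with uid 1000 it follows both hops down to /tmp/sun. Moving the link out of /tmp, chowning it to root, or setting fs.protected_symlinks=0 are the three ways the walk becomes permitted, which matches the [UPDATE].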