Hi,
chown(1) has a -h option by which it affects symlinks directly rather than the pointed-to file. The bonus side effect is that the pointed-to files don't get changed in any way, which is kinda welcome if you attempt to "fix" permissions/ownership in a directory where an evil user could create a symlink to e.g. /etc/shadow. Attempting chmod -R g+w /home/groups/evilgroup is still a risk, and would necessity a more long-winded command involving find(1). It would therefore be welcome that chmod receive an -h option that just skips over them (besides perhaps attempting to change their permissions as well).
