This file is indexed.

/usr/share/perl5/DACScheck.pm is in dacs 1.4.28b-3ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# $Id: DACScheck.pm.in 2594 2012-10-19 17:28:49Z brachman $
# Copyright (c) 2003-2012
# Distributed Systems Software.  All rights reserved.
# See the file LICENSE for redistribution information.

# A crude interface between Perl and dacscheck
# Initialize by calling:
#   1) dacscheck_prog to set the absolute pathname of the dacscheck command
#   2) dacscheck_rules to set the absolute pathname of the root directory
#      containing the DACS rules (if the default is incorrect or rules are not
#      specified with each check).
#
# Then, to check for authorization, call:
#    dacscheck(id, resource, ...);
# or from the CGI environment:
#    dacscheck_cgi(resource, ...);
#
# These functions return 1 if access is granted, 0 if denied, or -1 if
# an error occurs.
#
# Callers must do:
#    use DACScheck;
#
# See dacscheck(1)

package DACScheck;

use strict;

require Exporter;
our @ISA = qw(Exporter);

# Export symbols

our @EXPORT = qw(dacscheck dacscheck_cgi dacscheck_prog dacscheck_rules);
our $VERSION = '1.0.0';

# Locals

my $dacscheck_prog = "/usr/bin/dacscheck";
my $dacscheck_rules = "";

# Return something

1;

# Set the path to use for the dacscheck command
#
sub dacscheck_prog {
   my ($prog) = @_;
   my $oldprog;

   $oldprog = $dacscheck_prog;
   $dacscheck_prog = $prog;

   return $oldprog;
}

# Set the path to use for the dacscheck rules
#
sub dacscheck_rules {

   my ($rules) = @_;

   my $oldrules;

   $oldrules = $dacscheck_rules;
   $dacscheck_rules = $rules;

   return $oldrules;
}

# Internal function to actually run dacscheck
#
sub run_dacscheck {
  my $exit_value;
  my $result;

  system @_;
  $exit_value  = $? >> 8;

  # print "dacscheck returned $exit_value for user \"$remote_user\"\n";
  if ($exit_value == 1) {
      # dacscheck denies access
      $result = 0;
   }
   elsif ($exit_value == 0) {
      # dacscheck grants access
      $result = 1;
   }
   else {
      # dacscheck error occurred
      $result = -1;
   }

   return $result;
}

# A simple interface to the dacscheck command
# Check if $id is granted access to $resource; additional arguments may
# follow
#
sub dacscheck {

   my ($id, $resource, @other_args) = @_;
   my @args;

   if ($dacscheck_prog eq "") {
     return -1;
   }

   if ($dacscheck_rules eq "") {
     @args = ($dacscheck_prog, '-q', '-i', $id, @other_args, $resource);
   }
   else {
     @args = ($dacscheck_prog, '-q', '-i', $id, '-rules', $dacscheck_rules,
	    @other_args, $resource);
   }

   return run_dacscheck(@args);
}

# A simple interface to the dacscheck command
# Check if access to $resource is granted based on REMOTE_USER; additional
# arguments may follow
# Return 1 if access is granted
# Return 0 if access is denied
# Return -1 if an error occurs
#
sub dacscheck_cgi {

   my ($resource, @other_args) = @_;
   my @args;

   if ($dacscheck_prog eq "") {
     return -1;
   }

   if ($dacscheck_rules eq "") {
     @args = ($dacscheck_prog, '-q', '-icgi', @other_args, $resource);
   }
   else {
     @args = ($dacscheck_prog, '-q', '-icgi', '-rules', $dacscheck_rules,
         @other_args, $resource);
   }

   return run_dacscheck(@args);
}