First attempt at an arguably naive LD_PRELOAD library to try and restrict file access

c-preload/Makefile

@@ -0,0 +1,19 @@
+all: libpreload.so
+
+libpreload.so: preload.c
+	$(CC) -std=c99 -shared -O1 -fPIC $^ -o $@ -ldl
+
+.PHONY: test clean
+test: libpreload.so
+	-@rm -f /tmp/allowed
+	cat tests/testfile | ./g++.sh -std=c++0x -S -o /tmp/allowed -x c++ -
+	@if [ ! -s /tmp/allowed ]; then echo "/tmp/allowed should exist"; false; fi
+	-@rm -f /tmp/allowed
+	cat tests/bad-includes | ./g++.sh -std=c++0x -S -o /tmp/allowed -x c++ - 2>&1 | grep 'Denying'
+	@if [ -s /tmp/allowed ]; then echo "/tmp/allowed should not exist"; false; fi
+	-@rm -f not-allowed
+	cat tests/testfile | ./g++.sh -std=c++0x -S -o not-allowed -x c++ - 2>&1 | grep 'Denying'
+	@if [ -e not-allowed ]; then echo "not-allowed should not exist"; false; fi
+
+clean:
+	rm -f libpreload.so

c-preload/g++.sh

@@ -0,0 +1,7 @@
+#/bin/sh
+
+export LD_PRELOAD=$(pwd)/libpreload.so
+export ALLOWED_FOR_CREATE=/tmp 
+export ALLOWED_FOR_READ=/usr/local/include:/usr/include:/usr/lib
+
+g++ "$@"

c-preload/preload.c

@@ -0,0 +1,83 @@
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <string.h>
+#include <libgen.h>
+
+#ifndef O_CREAT
+#define O_CREAT 0100
+#endif
+
+static int allowed_env(const char* pathname, const char* envvar) {
+    char* dirpathbuf = strdup(pathname);
+    char* dirpath = dirname(dirpathbuf);
+
+    char resolvedBuf[PATH_MAX];
+    char* resolved = realpath(dirpath, resolvedBuf);
+    free(dirpathbuf);
+    if (resolved == NULL) {
+        return 0;
+    }
+
+    const char* okpath = getenv(envvar);
+    if (okpath == NULL) {
+       errno = EINVAL;
+       return 0;
+    }
+
+    while (*okpath) {
+        const char* end = strchrnul(okpath, ':');
+        if (strncmp(okpath, resolved, end - okpath) == 0) return 1;
+        okpath = end;
+        while (*okpath == ':') ++okpath;
+    }
+
+    fprintf(stderr, "Denying access to \"%s\"\n", pathname);
+    errno = EACCES;
+    return 0;
+}
+
+static int allowed(const char* pathname, int flags) {
+    if (flags & O_CREAT)
+        return allowed_env(pathname, "ALLOWED_FOR_CREATE");
+    else
+        return allowed_env(pathname, "ALLOWED_FOR_READ");
+}
+
+int open(const char *pathname, int flags, mode_t mode) {
+    static int (*real_open)(const char*, int, mode_t) = NULL;
+    if (!real_open) real_open = dlsym(RTLD_NEXT, "open");
+
+    if (!allowed(pathname, flags)) {
+        return -1;
+    }
+
+    return real_open(pathname, flags, mode);
+}
+
+int creat(const char *pathname, mode_t mode) {
+    static int (*real_creat)(const char*, mode_t) = NULL;
+    if (!real_creat) real_creat = dlsym(RTLD_NEXT, "creat");
+
+    if (!allowed(pathname, O_CREAT)) {
+        return -1;
+    }
+
+    return real_creat(pathname, mode);
+}
+
+FILE* fopen(const char* name, const char* mode) {
+    static FILE* (*real_fopen)(const char*, const char*) = NULL;
+    if (!real_fopen) real_fopen = dlsym(RTLD_NEXT, "fopen");
+
+    if (!allowed(name, (mode[0] == 'r') ? 0 : O_CREAT)) {
+        return NULL;
+    }
+
+    return real_fopen(name, mode);
+}

c-preload/tests/bad-includes

@@ -0,0 +1,2 @@
+#define DOTDOTFILE "../../../etc/passwd"
+#include DOTDOTFILE

c-preload/tests/testfile

@@ -0,0 +1,6 @@
+// I am a test C++ program
+#include <cstdint>
+
+int foo() {
+    return 1;
+}