#include #include #include static int run_guarded(const char *user_cmd) { const char *allow = getenv("ALLOW_CMD"); if (allow == NULL || strcmp(allow, "1") != 0) { puts("command blocked (ALLOW_CMD not set)"); return 0; } char cmd[256]; snprintf(cmd, sizeof(cmd), "echo START && %s && echo END", user_cmd); return system(cmd); } int main(int argc, char **argv) { if (argc < 2) { fprintf(stderr, "usage: %s \n", argv[0]); return 1; } int rc = run_guarded(argv[1]); if (rc != 0) { fprintf(stderr, "command failed\n"); return 2; } puts("done"); return 0; }