I am working on a small program which I would like to be extensible with plugins written by external parties (using the dlopen family of commands). However I would like to provide a basic level of security by limiting the potential of a plugin to cause harm.
For example, say I do not want plugins to be able to read or write files. Is there a way for me to be able to prevent a function in the plugin library from calling (for example) fopen()?
I have been looking for some time now but can't work out if this is possible at all, and if it is, how it could be done.