We could easily catch ebuilds that don't respect CC (and LD and other system programs) by adding shell scripts (or a single script with a bunch of symlinks) to portage's PATH that record when they are called. then exec the "proper" program (like "cc" would 'exec "${CC}"''. If the scripts ever get called during a phase, then we could trigger a QA warning for that phase. The standard portage install should include wrappers for all common programs that build systems often call that should be overridden. We could even make a FEATURE (say call it strict-progs) that makes these shell scripts simply "exit 1" so the build will fail if a package doesn't respect one of the program variables. Developers could be encouraged to enable this feature so they catch any ebuilds that aren't respecting variables such as CC.
(I'll paste your comment in the other bug, but trying to consolidate a bunch of Portage bugs atm.) *** This bug has been marked as a duplicate of bug 427672 ***