flatpak/builder
Simon McVittie 5b8fdb4998 unrpm: prevent shell injection
Substituting into a shell command-line without escaping is a bad idea.
If the argument is attacker-controlled, it's a security vulnerability;
if the argument is legitimate-user-controlled (as I think it is here)
it's merely wrong.

We could escape the filename with g_shell_quote(), but it's more
straightforward to take advantage of the shell's argument processing.
The first positional parameter (if given) is $0, and the rest are $@.

Signed-off-by: Simon McVittie <smcv@debian.org>
2016-07-18 14:32:14 +01:00
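The pattern the commit describes, as an added example that is not flatpak-builder's code and is not taken from the commit itself: a constructed filename that is also shell syntax is handed to `sh -c` once by string interpolation and once as a positional parameter. The function names, the `echo` standing in for whatever extraction pipeline `unrpm` really runs, and the sample filename are all assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not code from flatpak-builder or from the commit above.
# The function names and the "echo extracting ..." stand-in for the real
# unrpm command are hypothetical.

# Constructed sample input: a perfectly legal file name that, if pasted
# unescaped into a command string, turns into a second command.
EVIL='a.rpm; echo INJECTED'

# Vulnerable: the name is substituted into the -c string, so the inner sh
# parses the ';' and runs "echo INJECTED" as a separate command.
extract_unsafe() {
    sh -c "echo extracting $1"
}

# Fixed in the style of the commit: the -c string is a constant (single
# quotes keep the outer shell from expanding $0); the name is passed as the
# first positional parameter and the inner sh reads it back as "$0".  Because
# it never goes through the inner shell's parser as text, no escaping is
# needed, whatever characters it contains.
extract_safe() {
    sh -c 'echo "extracting $0"' "$1"
}

# Same idea with a list: the first argument is $0, the rest are "$@".
extract_safe_many() {
    sh -c 'echo "extracting $0"; for f in "$@"; do echo "extracting $f"; done' "$@"
}

# Standalone demonstration: the first call prints an extra INJECTED line,
# the second prints the file name literally.
extract_unsafe "$EVIL"
extract_safe "$EVIL"
extract_safe_many "$EVIL" b.rpm
```

The check to run when reviewing similar code is whether the string handed to `sh -c` is a compile-time constant: if any runtime value is concatenated into it, it needs `g_shell_quote()` or equivalent; if every runtime value arrives as a separate argument after the `-c` string, the shell's own argument handling keeps it inert.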