Use subprocess and set shell to False to avoid potential shell
injections.
Reported-by: Bernd Dietzel <tcpip@t-online.de>
Signed-off-by: Valentin Rothberg <valentinrothberg@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>