especially on strings passed from argv; rename system() to exec_shell(),
and make it static; use strlcpy() and make sure it works; use proper
type (size_t) to be passed to malloc()/realloc().
Use getusershell() to make sure the SHELL environment variable passed is
safe to use. Add new option -s to allow anal users to pass things like
perl; this option is here along with getusershell() checking since the
such checking is only intended to affect things like suidperl that might
call apply(1).
Reviewed by: markm, jhb, C. Stephen Gunn <csg@waterspout.com>
c494ed80cd