Comment 24 for bug 51419

Kees Cook (kees) wrote :

I'm rather alarmed that libgksu uses a plain string for the command to run, instead of passing an array, which wouldn't have these escaping issues. I'd like to see this corrected upstream, especially since only a few packages would need to be adjusted.

However, if this is just a quick patch, it will need to escape slash as well. Consider the case of:

  \'

already being in the argument. This patch would result in the string becoming:

  \\'

instead of the correctly escaped:

  \\\'
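
The case described in the comment above, as an added example that is not part of the original comment and is not libgksu's code: it escapes the input `\'` once with only the quote escaped and once with the backslash escaped as well. The function names are made up for illustration, and `unescape` is a hypothetical consumer that assumes plain backslash escaping with an unescaped quote ending the argument.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Backslash-escape every character of `in` that appears in `set`.
 * Caller frees the result. */
static char *escape_chars(const char *in, const char *set)
{
    char *out = malloc(2 * strlen(in) + 1);   /* worst case: all escaped */
    char *p = out;
    if (!out)
        return NULL;
    for (; *in; in++) {
        if (strchr(set, *in))
            *p++ = '\\';
        *p++ = *in;
    }
    *p = '\0';
    return out;
}

/* Behaviour the comment attributes to the quick patch: only the quote. */
char *escape_quote_only(const char *in) { return escape_chars(in, "'"); }

/* Corrected form: the escape character itself is escaped too. */
char *escape_quote_and_backslash(const char *in) { return escape_chars(in, "'\\"); }

/* Hypothetical consumer (an assumption, see lead-in): undo backslash escapes
 * and stop at the first unescaped quote. Returns input bytes consumed. */
size_t unescape(const char *in, char *out)
{
    const char *s = in;
    while (*s && *s != '\'') {
        if (*s == '\\' && s[1])
            s++;                    /* take the escaped character literally */
        *out++ = *s++;
    }
    *out = '\0';
    return (size_t)(s - in);
}

int main(void)
{
    const char *arg = "\\'";        /* constructed input: \' */
    char buf[16];
    char *weak = escape_quote_only(arg), *good = escape_quote_and_backslash(arg);
    if (!weak || !good)
        return 1;
    printf("%s -> consumed %zu of %zu\n", weak, unescape(weak, buf), strlen(weak));
    printf("%s -> consumed %zu of %zu\n", good, unescape(good, buf), strlen(good));
    free(weak); free(good);
    return 0;
}
```

With only the quote escaped, the consumer stops one byte early because the original backslash ends up escaping the added one, leaving the quote bare; with both escaped, the whole string is consumed and the original `\'` is recovered.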