Major Description
The os::system() function always spawns whatever string you pass to is a a direct argument to sh -c '<arg_string>'. However, this can be problematic if you build <arg_string> from user supplied input and they have the opportunity to inject arbitrary commands at the end of it (e.g. by adding a "; rm -rf" as part of the last user supplied argument).
To counter this, we should introduce a variant of os::system() that takes a single command and a list of args (similar to the posix_spawn() function.