From c14d98354b92bb346d139195aa83a51bd29fb9ef Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Thu, 16 Mar 2017 16:24:59 -0400
Subject: [PATCH] SECURITY: Don't use backticks for exporting your archive

---
 app/jobs/regular/export_csv_file.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app/jobs/regular/export_csv_file.rb b/app/jobs/regular/export_csv_file.rb
index f05d81a867a..b5bc3035453 100644
--- a/app/jobs/regular/export_csv_file.rb
+++ b/app/jobs/regular/export_csv_file.rb
@@ -48,8 +48,7 @@ module Jobs
       end
 
       # compress CSV file
-      `gzip -5 #{absolute_path}`
-
+      system('gzip', '-5', absolute_path)
     ensure
       notify_user(file_name, absolute_path)
     end