mxmount: Use safer version of qx

The perl qx operator (`cmd`) calls a shell when cmd contains shell
metacharacters. If our netgroup (accidentally) contains a shell meta
character, unexpected things might happen. Replace by safer code.

mxmount/mxmount

@@ -45,6 +45,8 @@ create_exports();
 
 system("exportfs -ra");
 
+sub safe_qx { open my $pipe,'-|',@_; return join('',<$pipe>) }
+
 sub add_data0_if_not_present {
     my $allmp = $D{$hostname};
 
@@ -89,7 +91,7 @@ sub create_exports {
             my $hosts='';
             warn "export $mountpoint to $hostspec opts $opts\n";
             if (my ($group) = $hostspec=~/^@(.+)/) {
-                $hosts=`hostconfig --list $group`;                      # expanded group
+                $hosts=safe_qx('/usr/sbin/hostconfig','--list',$group); # expanded group
                 $hosts or warn "group $group is empty\n";
             } else {
                 $hosts=$hostspec;                                       # single host