luci-app-tailscale-community: fix shell code injections through login params
author Jo-Philipp Wich <redacted>
Thu, 11 Jun 2026 08:10:34 +0000 (10:10 +0200)
committer Jo-Philipp Wich <redacted>
Thu, 11 Jun 2026 08:13:41 +0000 (10:13 +0200)
commit 507ab5e45c304543d4111af9a331db0f03be6bcb
tree f3811eb4440a898ee9a3d0280af1a3d4d4b50b93
parent 46cd82328dfb7fbb15961c63f9e674a41cef2500
luci-app-tailscale-community: fix shell code injections through login params

While individual user-supplied credential values were properly shell quoted,
the entire constructed command line got passed to `/bin/sh -c "..."`, enabling
interpolation of nested `$(...)` and backtick expressions.

Solve the issue by passing the final command string as properly escaped,
single quoted expression to the shell.

A more thorough fix would be using `system([...])` with an array vector,
but since I can neither test nor understand the reason for the shell
`&` background operation, I cannot easily fix this.

See https://github.com/openwrt/luci/security/advisories/GHSA-xwc5-mx58-rh35.

Signed-off-by: Jo-Philipp Wich <redacted>
applications/luci-app-tailscale-community/root/usr/share/rpcd/ucode/tailscale.uc
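The quoting mistake the commit describes, reproduced as an added example that is not code from the luci repository: Python stands in for the ucode `system("...")` call (`subprocess.run(..., shell=True)` likewise hands one string to `/bin/sh -c`), and the `echo` command, the `admin` user and the `$(echo INJECTED)` payload are constructed stand-ins, not the Tailscale login command line. It shows that per-value single quoting is defeated when the finished command line is re-embedded in a double-quoted `sh -c "..."` word, and that either single-quoting the whole command (the commit's fix) or dropping the shell for an argv vector (the more thorough fix the message mentions) passes the payload through literally.

```python
import shlex
import subprocess

# Constructed attacker-controlled "credential" values (not real data). Both forms
# are the nested expansions the commit message names.
PAYLOADS = {
    "dollar": "$(echo INJECTED)",
    "backtick": "`echo INJECTED`",
}


def build_inner(user, password):
    """Per-value quoting, as the original code did: each value is safe in isolation.
    shlex.quote() produces POSIX single-quoted words, e.g. '$(echo INJECTED)'."""
    return "echo %s %s" % (shlex.quote(user), shlex.quote(password))


def run_via_system(outer):
    """Hypothetical stand-in for ucode system("..."): one string handed to /bin/sh -c.
    Returns the stripped stdout of the command chain."""
    return subprocess.run(outer, shell=True, capture_output=True, text=True).stdout.strip()


def vulnerable(user, password):
    # Bug: the already-quoted inner command is wrapped in a double-quoted word for an
    # OUTER shell. Inside "...", single quotes are ordinary characters while $(...) and
    # `...` are expanded, so the payload runs before the inner shell ever sees it.
    return run_via_system('/bin/sh -c "%s"' % build_inner(user, password))


def fixed_single_quoted(user, password):
    # The commit's fix: pass the finished command line as one escaped, single-quoted
    # word. The outer shell passes it through byte for byte; the inner shell then sees
    # the original per-value quoting and treats the payload as literal text.
    return run_via_system("/bin/sh -c %s" % shlex.quote(build_inner(user, password)))


def fixed_argv(user, password):
    # The more thorough approach the message mentions: an argv vector with no shell
    # parsing at all. Nothing is ever interpreted, so nothing needs quoting. Shell-only
    # syntax such as a trailing '&' cannot be expressed this way, which is the obstacle
    # the message points at.
    return subprocess.run(["echo", user, password], capture_output=True, text=True).stdout.strip()


if __name__ == "__main__":
    for name, payload in PAYLOADS.items():
        print("%-9s vulnerable: %r" % (name, vulnerable("admin", payload)))
        print("%-9s single-q : %r" % (name, fixed_single_quoted("admin", payload)))
        print("%-9s argv     : %r" % (name, fixed_argv("admin", payload)))
```

With a POSIX `/bin/sh` the vulnerable path prints `admin INJECTED` for both payloads (the `echo INJECTED` substitution already ran in the outer shell), while both fixed paths print the payload text unchanged. The generalisation to remember: quoting is only valid for the one shell that parses the word, so every additional `sh -c` layer needs its own complete quoting pass over the whole string, not over the individual values that went into it.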