--- src/elogd.c	2005-04-28 13:04:51.074830088 +0200
+++ src/elogd-str_escape.c	2005-04-28 13:08:55.519668824 +0200
@@ -2035,6 +2035,28 @@
 
 /*-------------------------------------------------------------------*/
 
+char *str_escape(register const char *s, register const char *cs)
+{
+   register char *p;
+   register int size, i, j = 0;
+
+   size = strlen(s);
+   p = (char *) xmalloc((size * 2) + 1);
+
+   for (i=0; i<size; ++i) {
+      register char c = *(s + i);
+      if (c == '\0')
+         break;
+      if (strchr(cs, c))
+         *(p + j++) = '\\' , *(p + j++) = c;
+      else 
+         *(p + j++) = c;
+   }
+
+   *(p + j++) = '\0';
+   return p;
+}
+
 void btou(char *str)
 /* convert all blanks to underscores in a string */
 {
@@ -17169,9 +17191,10 @@
       for (i = 0; i < MAX_ATTACHMENTS; i++)
          if (att_file[i][0] &&
              strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(att_file[i]) < sizeof(shell_cmd) + 1) {
-            strcpy(p, lbs->data_dir);
-            strcat(p, att_file[i]);
-            strcat(p, " ");
+            strcpy(p, "\"");
+            strcat(p, lbs->data_dir);
+            strcat(p, str_escape(att_file[i], "`$\"\\"));
+            strcat(p, "\" ");
             p += strlen(p);
          }
       strlcat(shell_cmd, tail, sizeof(shell_cmd));