Question 33:
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:

    ls -l -a /usr/heinz/public; cat ./config/db.yml

The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

    system ("ls -l -a #{path}")

Which of the following is an appropriate security control the company should implement?
Answer options:
A. Restrict directory permissions to read-only access.
B. Use server-side processing to avoid XSS vulnerabilities in path input.
C. Separate the items in the system call to prevent command injection.
D. Parameterize a query in the path variable to prevent SQL injection.