ssh_filter_btrbk.sh: fix alternation regex

Security vulnerability fixed in alternation regex. Specialy crafted
commands may be executed without being propely checked.

Affects all versions >= btrbk-v0.23.0

Regression from:

   ccb5ed5e71 ssh_filter_btrbk: allow "realpath" and "cat /proc/self/mounts" on targets

Reported by: @protree (responsible disclosure)

ssh_filter_btrbk.sh

@@ -86,7 +86,7 @@ reject_filtered_cmd()
         return 0
     fi
 
-    exact_cmd_match="^${allow_exact_list}$";
+    exact_cmd_match="^(${allow_exact_list})$";
     if [[ $SSH_ORIGINAL_COMMAND =~ $exact_cmd_match ]] ; then
         return 0
     fi