not_safe_exec should use a subprocess

`not_safe_exec` is for running tests that use CodeJail but don't want to require an actual CodeJail configured.  Now, it runs the code directly in the current process.  This is bad because it monkey-patches `random` without attempting to clean it up.  To better emulate CodeJail, it should run the code in a subprocess.
