* Axel Beckert <a...@debian.org>, 2023-02-14 15:53:
the exploit code is always shown to the user before the exploit actually runs
Sneakier exploits might be possible, though. For example, for dialog(1), the backspace character can be used to hide stuff, e.g:
H=$(printf '\b') dialog --title '' --menu '' 10 60 20 "foo$H$H$H""bar" bar (shows "bar" but not "foo") -- Jakub Wilk
