Python is a popular programming language and has been labeled as having a safe core. However, specific code implementations can lead to risky and vulnerable applications. Bandit is a tool that can be used to check existing code in your Cloud9 IDE for possible vulnerabilities.

For example, the following code (albeit maybe not that useful) has a potential concern as the exception is not logged. Instead we just continue.

print('Hello from Python 3')

count = 0
while count < 5:
    try:
        count += 1
        print(str(count))
    except Exception:
        # The exception is swallowed here without being logged (Bandit B112)
        continue

If you run bandit on the directory containing this code, you will receive this message:

Test results:
>> Issue: [B112:try_except_continue] Try, Except, Continue detected.
   Severity: Low   Confidence: High
   Location: SDEV300/Hello.py:12
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b112_try_except_continue.html
11          print(str(count))
12      except Exception:
13          continue

You can install bandit in your Cloud9 Environment using this syntax at the shell:

sudo python3 -m pip install bandit

You can run bandit using this syntax at the shell:

bandit -r path/to/file/

where path/to/file/ is the location of your files.

For this exercise, use the bandit test plug-in listing found at the URL below to write your own Python code snippet that would cause an issue to be displayed.

https://bandit.readthedocs.io/en/latest/plugins/index.html

Pick something that another student has not selected. For example, you could generate an issue related to B110: try_except_pass.

For your interaction portion, use the Python code another student submitted and run it in your environment. Identify the error and provide a possible mitigation.
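To make the "identify the error and provide a possible mitigation" step concrete, here is an added example (not part of the original exercise and not Bandit's own code) that walks the Python AST to find the pattern behind B112 and B110, then shows that logging the exception before continuing clears the finding. The rule is an assumed simplification: a bare except or except Exception whose whole body is a single continue or pass; the function name and sample strings are constructed for illustration.

```python
import ast

# Constructed sample: the loop from the page, which Bandit reports as B112.
FLAGGED = '''
count = 0
while count < 5:
    try:
        count += 1
        print(str(count))
    except Exception:
        continue
'''

# Constructed sample: same loop, but the handler records the failure first.
MITIGATED = '''
import logging
count = 0
while count < 5:
    try:
        count += 1
        print(str(count))
    except Exception:
        logging.exception("iteration %d failed", count)
        continue
'''

RULES = {ast.Continue: "B112:try_except_continue", ast.Pass: "B110:try_except_pass"}

def find_swallowed_exceptions(source):
    """Return sorted (line, rule) pairs for handlers that silently drop exceptions.

    Assumed simplification of the rule: the handler is a bare except or
    catches Exception, and its whole body is one continue or pass.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.ExceptHandler) or len(node.body) != 1:
            continue
        broad = node.type is None or getattr(node.type, "id", None) == "Exception"
        rule = RULES.get(type(node.body[0]))
        if broad and rule:
            findings.append((node.lineno, rule))
    return sorted(findings)

if __name__ == "__main__":
    print("flagged:  ", find_swallowed_exceptions(FLAGGED))
    print("mitigated:", find_swallowed_exceptions(MITIGATED))
```

A handler that catches a specific exception type, such as ValueError, is not reported by this sketch even when its body is only continue.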
