bandit/docs/source/tests/exec_used.rst

exec_used

Description

This plugin test checks for the use of Python's exec method or keyword. The Python docs succinctly describe why the use of exec is risky:

• This statement supports dynamic execution of Python code.¹

Available Since

• Bandit v0.9.0

Config Options

None

Sample Output

>> Issue: Use of exec detected.
   Severity: Medium   Confidence: High
   Location: ./examples/exec-py2.py:2
1 exec("do evil")
2 exec "do evil"

References

---

1. https://docs.python.org/2.0/ref/exec.html↩︎