This works on any python exercise and makes use of the python interpreter
I was able to view files and folders on the codecademy system that I do not think I should be able to. This included useruid's and unless this is a well disguised test playground I think that this is a security bug that allows viewing of files that should not be allowed.
This may also be usable to delete critical files related to users environments and details although I haven't tried this since I don't want to cause damage.
I am unwilling to divulge the exact method I used to accomplish this in case someone else uses it for a more sinister reason before codeacademeny staff find out. If you are unable to figure out how to do this I will be more than happy to show you if you contact me in person.
I wanted to divulge this is a more private way but was unable to find any codecademy contact information so this is the best I could do.