What about non application things like libraries, printer drivers or browser plug-ins?
Off the top of my head you could use simple scripting tools like 'lpinfo -m’ to list all the printer drivers on the system.
I think in most cases things like library versions come when you are looking for a specific version though to validate you are beyond a vulnerable level.
And can you elaborate a little on "use a metadata query and launch services to locate the apps"? Perhaps there are other OS X capabilities that OVAL should make available to system auditors.
Sure. If you are scripting things then you can use the mdfind command to find apps. For example,
mdfind "kMDItemContentTypeTree == 'com.apple.application’"
Is going to instantly find every app on your disks, regardless of where it is stored. You can then loop through them and read the info.plists.
To my mind though it’s easier to do in Objective-C or some other object oriented language than it is to mash all that data around in a bash script. This is some really rough sample stuff code. Note that in the results processing you could also use
NSString *appVersion = [theResult valueForAttribute:(NSString *)kMDItemVersion];
in an effort to not rely on needing to read each plist, but reading the plist lets us cover a use case for if developers don’t fill in both the short version string and the bundle version string.
.....removed script because it made email too long