Sample security cookbook used for dev & test purposes.
'ohai' cookbook
Add 'mysecurity-cookbook::default' to the run list. The installed ohai plugin creates two automatic node attributes:
node['languages']['bash']['version']- Version of bash installednode['languages']['bash']['shellshock_vulnerable']- Boolean value based on CVE-2014-7169 vulnerability
Use knife search from the workstation to find the shellshock vulnerable nodes:
knife search node "languages_bash_shellshock_vulnerable:true" --id-only
Authors: Alex Pop