How can I use Mac OSX Common Criteria Tools to audit file access attempts?

How can I use Mac OSX common criteria tools (auditing tools based on OpenBSM for FreeBSD, Solaris, and others) to audit file access attempts, particularly security related files. Like say someone runs the command "touch /etc/passwd" or "vi /etc/sudoers", how can I make common criteria tools log that? show more How can I use Mac OSX common criteria tools (auditing tools based on OpenBSM for FreeBSD, Solaris, and others) to audit file access attempts, particularly security related files. Like say someone runs the command "touch /etc/passwd" or "vi /etc/sudoers", how can I make common criteria tools log that?
1 answer 1