The AUDIT privilege allows software to append
audit records to the system security audit log file using one of four
system services: $AUDIT_EVENT, $CHECK_PRIVILEGE, $CHKPRO, or $CHECK_ACCESS.
In addition, the $AUDIT_EVENT system service allows all components
of an audit message to be specified. As a result, this privilege permits
the logging of events that appear to have come from the operating
system or a user process.
Grant this privilege only to trusted images that
need to append audit messages to the system audit log file. Users
possessing this privilege can provoke a system failure by attempting
to log invalid events with the NSA$M_INTERNAL flag set.