You want to monitor *other* people using the rm command? You can't unless you're root, then you can replace 'rm' with any wrapper you like. Of course, there are still other ways to remove files.

Depending on the OS and its security settings, you may be able to trap the unlink system call. But that will only monitor removal of the file name. File content can still be overwritten. And files may be renamed. To protect against that, you'd need to trap even more system calls (open/creat, write, rename, f?truncate to name a few of the obvious ones).