Actions are important for internal handling. An action is something that should be performed, and it can be anything. It will be started from an event, such as a smart card insert or smart card remove, or when a user selects a menu option.


The actions can reference applications, scripts, or other files on the hard-drive.

All actions are executed with the same privilege as the starting process:

  • a system process will have administrator privilege.

  • a user process will have user privilege.

Do not reference a file at a location where the normal user can update the file. If so, an attacker can get user privilege and update the file.

To avoid the opening of a security hole, never configure an action that references applications, scripts, or other files that can be changed by a normal user.