Dirk mentioned that the auth:::auth statement is used in many pages..also that I can use the OpenACS shell of the developer support to pass commands to OpenACS directly. But I didn't understand exactly how or which statements are relevant for testing performance leaks.
