We currently have a couple of Shell scripts we have written to EnableConfigItem from a Unix (Red Hat) command line, so we can control when a Service/Operation is running via the cron in Unix. We do this by calling
:>iris session xxxxx
using _system user.
During our Security audit it was mentioned that we need to lock down some of the cache users.