Why does Magento use 2 cookies per session?

Question

For data security and privacy reasons I want to know why Magento uses two cookies for one frontend session.

All I know is that one of them is being set in Mage_Cor

Answer 1

I was able to fix this by reversing the order of the session_start() call and the statement that sets the cookie in Mage_Core_Model_Session_Abstract_Varien::start(..). Those two lines now look like this:

$cookie->set(session_name(), $this->getSessionId());
session_start();

It now only creates one single cookie and it does not seem to have any side-effects.

BTW: The other cookie was not created in Zend_Session as I assumed, but instead both of them came from Mage_Core_Model_Session_Abstract_Varien::start(..).