Comment 2 for bug 245982

Cookies can definitely be forged. Perhaps the easiest way would be for the user 'attacker' to set up a page under their webspace that sets the login cookie to a certain value and then to visit that page themselves to forge/get the cookie. There are other ways (such as Firefox extensions).