this is a problem for users of public machines -- ad_user_logout
didn't pass -forever, and ad_user_login ignored -forever anyway with
uid = 0, meaning once you had a cookie set by george it STAYED set.
here's the patch:
https://openacs.org/sdm/one-patch.tcl?patch_id=170