I believe all the cookies are handled in the security code. I can see anywhere where the AOLserver codes sets the cookies for OpenACS or ACS.
I think we'd have to look in all procs for ad_set_cookie/ad_get_cookie etc and modify ad_..... to oacs_...
since ad_set_cookie accepts the name of the cookie (ie: it does not add the ad_ part).
Of course, I could be completely off track on this.
