A session cookie is just that: a cookie that is valid only for the user session. They are stored in a temporary location on the users browser and deleted when the browser is closed.And, has been requested above, can we please have an explanation of what the CMSSESSID session cookie does. It doesn't appear to be necessary for back-end use.
CMSMS (and many php based applications) uses a session cookie to contain the unique session identifier. Ours happens to be named CMSSESSIDxxxxxxxx where the number assigned is generated by some md5 stuff.
The value of the cookie (known as the session id) is generated upon the first visit of a user to a web page (first visit since they last opened their browser), and sent as a cookie to the client. That cookie is then re-transmitted back to the server on each subsequent request. That cookie contains only a simple randomly generated, unique string. There is no personal information of any sort stored in this cookie or transmitted over the ether.
The session id allows the server to store data relevant to the user (i.e: which month of the CGCalendar he is viewing, or the items in his cart, his login informtion etc.). and to retrieve it back thereby bypassing some of the stateless properties of HTTP. We call this 'storing data in the session' or 'session data'.
Session data is automatically removed from the server after it has reached a period of inactivity (this is a php configuration variable). I.e: if the user browses away from your site, closes the window etc.. the session data is cleared up after a while.
The CMSMS Admin section uses the session (as well as other cookies) in numerous places and to store and retrieve lots of different stateful data.
The frontend of the core does not use the session in any way (yet). However numerous important third party modules require sessions to be available, and assume that the session has already been 'setup' and is ready to use.
Some (not all) of the modules that require an active, and correctly configured session in order to behave properly on the frontend
Captcha
FrontEndUsers
CGFeedback
Cart
Orders
CGEcommerceBase
PaypalGateway
Some of the modules that will not work properly without a correctly setup frontend session:
CGCalendar
CGSmartImage
CGSimpleSmarty
I have not checked every single module, nor do I intend to. I just did some simple searches through some of the modules that I had available on one of my hosts.
Therefore: Having a properly configured session on each request is important to CMSMS sites. I would also hazard a guess to say 'necessary' to a majority of them.