Well, you can work around this issue by making your website work on www.foo.com and all other subdomains to redirect to your website.
If you tell rails to use *.foo.com for your cookie (dunno how to do that), you are going to have problems if you decide to use a subdomain for something else, like a forum, that usually sets a cookie on its own.
As it is, this is indeed an issue with you/app and not the web host.