Why are these methods private?

I'm working through a Rails tutorial and saw the following code:

class UsersController < ApplicationController
before_filter :authenticate, :only => [:edit, :update]
before_filter :correct_user, :only => [:edit, :update]

.
.
.
private

def authenticate
deny_access unless signed_in?
end

def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end

Why are authenticate and correct_user private methods? Would it be
harmful if they were made public? What would be the consequences?

Public methods in the controller are normally controller actions. Do
you have a specific reason for wanting them public?

Colin

Because external code could be written to take advantage of your authentication process and break in. In general, any method you don’t want other parts of your code to have access to and/or are only for the internal workings of the code they are in should be private.

B.

I don't, I just wanted to understand the nuance of keeping those methods
private - thanks!

if the assignment of current user is public, a users can steal resources from another.