sudo-rs

Missing `session_pid` check for `RecordScope::Ppid` credential caching

Open GrosQuildu opened this issue 6 months ago • 0 comments

Describe the bug

For credential caching, sudo-rs uses TTY, session pid and init time for `RecordScope::Tty` and only parent pid and init time for `RecordScope::Ppid`. This behavior differs from what sudo-project's sudo does: sudo checks session pid for both `TS_TTY` and `TS_PPID` record scopes.

To Reproduce

Check in the codebases.

Expected behavior

I would expect sudo-rs to mimic the behavior of sudo regarding verifying cached credentials. If there is a reason to differ, then it may be worth documenting.

Environment (please complete the following information):

  • Linux distribution: any
  • sudo-rs commit hash: 17ead4e377b0addf3d13a537c92cbacb8e75a9f0

Additional context

I cannot think of any realistic situation when the parent pid would differ from session pid while child processes execute sudo-rs and shouldn't share credentials cache. On the other hand, a more restrictive credential verification would be on the safer side of things.

GrosQuildu, May 12 '25 13:05
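A simplified model of the two record scopes as the issue above describes them, added here as an example and not taken from sudo-rs or sudo. The type, field and function names and all sample values are constructed for illustration; it compares cache lookups with and without the session pid in the parent-pid scope.

```rust
// Simplified model of the credential-cache scopes described in the issue.
// All names and values are constructed for illustration, not sudo-rs code.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum Scope {
    Tty { tty: u64, session_pid: u32, init_time: u64 },
    // Behaviour reported in the issue: no session pid in the Ppid scope.
    Ppid { parent_pid: u32, init_time: u64 },
    // Stricter variant the issue asks for: session pid is part of the scope.
    PpidWithSession { parent_pid: u32, session_pid: u32, init_time: u64 },
}

#[derive(Debug, Clone, Copy)]
struct Caller {
    tty: Option<u64>,
    session_pid: u32,
    parent_pid: u32,
    init_time: u64,
}

// Build the scope a caller's cached credential would be recorded under.
fn scope_for(c: &Caller, check_session: bool) -> Scope {
    match (c.tty, check_session) {
        (Some(tty), _) => Scope::Tty { tty, session_pid: c.session_pid, init_time: c.init_time },
        (None, false) => Scope::Ppid { parent_pid: c.parent_pid, init_time: c.init_time },
        (None, true) => Scope::PpidWithSession {
            parent_pid: c.parent_pid, session_pid: c.session_pid, init_time: c.init_time,
        },
    }
}

// A cached credential is reused only when the caller's scope equals a stored one.
fn cache_hit(stored: &[Scope], c: &Caller, check_session: bool) -> bool {
    stored.contains(&scope_for(c, check_session))
}

// Constructed case: two callers without a TTY share parent pid and init time
// but sit in different sessions. Returns (hit without check, hit with check).
fn different_session_case() -> (bool, bool) {
    let first = Caller { tty: None, session_pid: 100, parent_pid: 4242, init_time: 1_000 };
    let second = Caller { session_pid: 200, ..first };
    let lax = cache_hit(&[scope_for(&first, false)], &second, false);
    let strict = cache_hit(&[scope_for(&first, true)], &second, true);
    (lax, strict)
}

fn main() {
    println!("{:?}", different_session_case());
}
```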