Hrm. Well, I guess this might be possible but technically speaking each visitor has his/her own session object and should not be able to access any others.
Typically though, you can get around this by looking at how the sessions are being serialized and stored. If the sessions are file-based, then maybe you count the number of session files you have. If they are db-based, then query the number of session records...
However, I have no idea how accurate these methods really are. If you need that type of granular control over each session, then you might consider creating your own session support. It is very easy, and you will have a lot more control over how sessions are created and what data you have access to.
justin 'at' abrogo.com
Shared Unix Hosting