Hi,
This is just how cookie sessions works.
Yes and no. Session cookies (as all cookies) should be limited to the path they are valid for.
"The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in."
The last sentence might be false or it just doesn't work.
-Martin