gain us anything to run as the user since an attacker can just have
an setuid(0) in their egg. Running as root solves potential problems
wrt signalling.
add a flag to specify an auth method is running alone (the only
one). Pass auth methods their sudo_auth pointer, not the data
pointer. This allows us to get at the flags and tell if we are the
only auth method. That, in turn, allows the method to be able to
decide what should/should not be a fatal error. Currently only
rfc1938 uses it this way, which allows us to kill the OTP_ONLY
define and te hackery that went with it. With access to the
sudo_auth struct, methods can also get at a string holding their
cannonical name (useful in error messages).
