You could create another form asking for a password which will elevate user privileges if validated. Kinda like sudo for linux. Then you have to find a way to relegate privileges: when the php session id is destroyed/changed (when browser is closed and reopen), or when it times out.
Well Yii is based on php. And when starting a session with php it creates a cookie with the session id, if the cookie already exists it will load the session using the session id. From that point of view it is not possible to have 2 php sessions running at the same time. And the whole yii user stack is based on a single php session. Running 2 parallel sessions is not possible unless using 2 different browsers.
As I mentioned, you can extend the current session and control strictly elevation and relegation of privileges.