
That "hack" uses reptyr to attach to the existing pty, which requires ptrace permissions.

The same "hack" can be done against sudo if you ptrace attach to the shell that started sudo.

This isn't a new issue. It's well known that if 'user1' has ptrace permissions, they can ptrace other processes for 'user1', and thus 'user1' can compromise 'user1'. If 'user1' is also running sudo or run0 or anything else sensitive, it follows that the thing in the tweet is possible.

This would be an issue if 'user2' could take over 'user1's pty or such.


