sudoedit -h: a TOCTOU on /etc/sudoers.d that's older than git

sudo's edit mode resolves include paths twice — once to read, once to write. Between the two stats, /etc/sudoers.d/00-local can be swapped for a symlink owned by the calling user. The PoC fits in a tweet.