no. he transfers the funds from the shared private key to his private private key as soon as he gets the shared private key. (which only takes a minute because he can trust his own 0 confirmation transaction)
Um he can't trust the 0-confirm transfer from a private key known by someone else. You could already be racing him to the next block in a double spend using that private key, or created a tx with a massive fee attached to tempt irreputable miners, or used your own hashing power to perform a Finney attack.
Shared Private Key = EXACTLY SAME LEVEL OF SECURITY as 0-confirm tx on the blockchain.
Please don't share misinformation which could result in someone losing funds to an attacker.