diff --git a/native/jni/magiskhide/proc_monitor.cpp b/native/jni/magiskhide/proc_monitor.cpp
index 12576f16d..787d6c34f 100644
--- a/native/jni/magiskhide/proc_monitor.cpp
+++ b/native/jni/magiskhide/proc_monitor.cpp
@@ -59,9 +59,6 @@ static inline void lazy_unmount(const char* mountpoint) {
 		LOGD("hide_daemon: Unmounted (%s)\n", mountpoint);
 }
 
-/* APK monitoring doesn't seem to require checking namespace
- * separation from PPID. Preserve this function just in case */
-#if 0
 static inline int parse_ppid(const int pid) {
 	char path[32];
 	int ppid;
@@ -77,7 +74,6 @@ static inline int parse_ppid(const int pid) {
 
 	return ppid;
 }
-#endif
 
 static bool is_snet(const int pid) {
 	char path[32];
@@ -144,11 +140,15 @@ static bool process_pid(int pid) {
 	if (pid <= 1000)
 		return true;
 
-	struct stat ns;
+	struct stat ns, pns;
+	int ppid = parse_ppid(pid);
 	int uid = get_uid(pid);
 	if (hide_uid.count(uid)) {
 		// Make sure we can read mount namespace
-		if (read_ns(pid, &ns))
+		if (read_ns(pid, &ns) || read_ns(ppid, &pns))
+			return true;
+		// mount namespace is not separated, we only unmount once
+		if (ns.st_dev == pns.st_dev && ns.st_ino == pns.st_ino)
 			return true;
 
 		// Check if it's a process we haven't already hijacked