unfork(2)
https://github.com/whitequark/unfork [github.com]
2019-10-29 18:05
unfork(2) is the inverse of fork(2). sort of.
By combining userfaultfd with process_vm_readv, any userspace application can obtain a copy-on-write mapping (with some limitations) of memory it never owned. All it needs is ptrace privileges, which is to say, having the same uid usually works.