User mode: Difference between revisions
privilige -> privilEge, that ->than |
No edit summary |
||
| Line 4: | Line 4: | ||
User mode does not allow the program to access certain privileged operations of the processor in order to protect the operating system from crashing. Each application that runs in user mode runs in its own protected user space, and is not able to access any other application's user space. |
User mode does not allow the program to access certain privileged operations of the processor in order to protect the operating system from crashing. Each application that runs in user mode runs in its own protected user space, and is not able to access any other application's user space. |
||
The [[x86]] architecture is unusual in having four [[privilege level]]s, of which the most privileged, ring 0, is treated as kernel mode. The least privileged is ring 3, usually treated as user mode. [[Rings 1 and 2]] are rarely used. |
The [[x86]] architecture is unusual in having four [[privilege level]]s, of which the most privileged, ring 0 (zero), is treated as kernel mode. The least privileged is ring 3, usually treated as user mode. [[Rings 1 and 2]] are rarely used. |
||
==User mode in operating system design== |
==User mode in operating system design== |
||
Revision as of 06:14, 22 September 2005
User mode refers to two similar concepts in computer architecture. In CPU design, a user mode is a nonprivileged state where the executing code is forbidden by the hardware from performing certain operations (such as writing to memory not assigned to it) which could destabilize the system or constitute a security hole. In operating system design, user mode is an analogous nonpriviliged execution mode where the running code is forbidden by the kernel from performing potentially dangerous operations such as writing to system configuration files, killing other users' processes, rebooting the system, etc.
User mode in CPU design
User mode does not allow the program to access certain privileged operations of the processor in order to protect the operating system from crashing. Each application that runs in user mode runs in its own protected user space, and is not able to access any other application's user space.
The x86 architecture is unusual in having four privilege levels, of which the most privileged, ring 0 (zero), is treated as kernel mode. The least privileged is ring 3, usually treated as user mode. Rings 1 and 2 are rarely used.
User mode in operating system design
User mode refers to the normal privilege level of an operating system that implements separation of privileges; that is, the ordinary level which is opposed to the special privileged superuser or administrative level (called "root" on Unix-style systems.) Every process started in user mode on such a system is granted and denied certain privileges, usually based on those assigned to a logged-in user who started the process.
An operating system's user mode is typically (though not necessarily) implemented by running code in user mode on the underlying CPU to gain hardware-level protection from inadvertent or malicious attempts to access another process' memory. User mode at the operating system level entails a much more complex set of permissible actions than what is provided at the CPU level, though; for example, on Unix systems, code running in user mode is not allowed to access ports below 1024, while code running in superuser mode is.