User space

Updated: 04/02/2019 by Computer Hope
Illustration: user space visualized as the outermost layer in an a sphere, with kernel space as the nucleus.

In a computer operating system, user space is the portion of memory which contains unprivileged processes run by a user. It is strictly separated from kernel space, the portion of memory where privileged operating system kernel processes are executed.

This separation of user and kernel space is called privilege separation. Programs run by a regular user are sandboxed so they cannot have complete access to the computer's memory, disk storage, network hardware, and other resources. Only the most trusted code running on the computer, the operating system kernel, has complete access to read and write to all components of the computer.

If there are vulnerabilities in a computer's privilege separation, an unprivileged attacker can access sensitive information stored in kernel space. For example, the Meltdown and Spectre vulnerabilities allow data in kernel space, such as a password, to be correctly inferred from user space.

Administrator, Device driver, Operating System terms, Privileges, Security