An operating system performs various tasks relating to a computer system, including managing its hardware and software resources. Hardware resources include processors, primary storage (e.g., memory), secondary storage (e.g., hard disk or optical disk), printers, display adapters, network interface cards, input/output ports, etc. Software resources include application programs, user interfaces, device drivers, network protocol stacks, etc. The operating system manages and coordinates these resources to complete various tasks, such as under the direction of an application program.
Operating systems may complete their tasks in user mode or in kernel mode. When in user mode, components of the operating system generally perform tasks relating to application programs. When in kernel mode, components of the operating system generally perform tasks relating to managing hardware devices, device drivers, the operating system itself, and other tasks not directly relating to application programs.
User mode components, such as applications, generally operate in an unprivileged security context. In this unprivileged security context, the operating system and computer system impose constraints on the components including restricting access to memory or other hardware resources. User mode components can, e.g., use a shell to provide information to a user or receive input from the user.
Kernel mode components generally operate in a privileged security context. In this privileged security context, the components may be able to access hardware directly, read from and write to memory outside the components' address space, and control other resources. Thus, malicious or malfunctioning components can perform tasks that could be harmful to the operating system or undesired by users of the computer system. Users of computer systems may desire to make their operating system more secure to prevent such harmful or undesirable behavior. However, creators of components may not wish to provide information a user can use to prevent this behavior, or may be unable to provide such information because a kernel mode component generally cannot communicate directly with a user through a user interface.