Textbook of Linux

Also known as: userland

User space (or userland) is the portion of a system's memory and privilege where ordinary application programs execute. Code running in user space cannot directly access hardware, manipulate page tables, or inspect other processes' memory; it sees only its own virtual address space, and it requests everything else from the kernel through system calls. This separation is the foundation of multi-user, multi-tasking operating systems: a broken program can only damage itself, not the kernel or other processes.

On x86-family hardware, user space corresponds to CPU privilege ring 3, while the kernel runs in ring 0. On ARM and other architectures the names differ but the principle is the same. The boundary is enforced in hardware: a user-space attempt to execute a privileged instruction raises a trap, which the kernel turns into a signal (commonly SIGSEGV or SIGILL) delivered to the offending process.

In Linux, nearly everything you interact with lives in user space: the shell, all command-line utilities, the X server or Wayland compositor, every browser and editor. Even system services like systemd, sshd, and dbus-daemon are user-space programs; they are "system" software only in the sense that they run with root privileges and manage parts of the machine on behalf of other users.