Originally Posted by Megol
User space/kernel space is one kind of division. Allowing different processes (Unix term) accessing different things is another.
But you seem to think this kind of division have anything to do with multi-user support. Multi-user support in it self is the support of several users, not anything to do with either protection _or_ security.
Do you agree with that? Otherwise this discussion can't lead anywhere.
Multi-user support, as in different "owners" of processes and whatever, is a consequence - it's just a semantic abstraction away from any kind of security model.
I do, yes. Among those are capabilities.
So to what do you grant capabilities? To individual binaries? To some sort of an abstract entitity, like a "user"?
Please name an operating system that is considered secure and yet has no concept of "users".