Recently I've been learning the concept of a trusted computing base, and I've seen 2 types of TCB:
Where, from my understanding, the main difference is that in the former we have many OS-oriented processes, like the file system or virtual memory management system, running in the kernel (therefore in the most trusted level, highest permissions), and in the latter we move as much as possible to run in the user space (with usually lesser permissions).
What is the rationale behind making a smaller kernel? Isn't it more secure to run, for example, device drivers in the kernel?