The traditional approach is to have drivers run in kernel space. If there ends up being an issue, it could crash the entire system instead of just the relevant process. From the security side of things, in the traditional drivers are run with the highest set of security capabilities. A flaw in a driver that allows, say code execution, would run that code as a high privileged user (usually a system user root in the case of *nix). Running then in her space dramatically lowers the impact of exploitation.