Linked by Amjith Ramanujam on Mon 25th Aug 2008 21:40 UTC
Privacy, Security, Encryption

You probably know intuitively that applications have limited powers in Intel x86 computers and that only operating system code can perform certain tasks, but do you know how this really works? This post takes a look at x86 privilege levels, the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do.
Thread beginning with comment 327907
RE: The other rings
by Morin on Tue 26th Aug 2008 00:34 UTC in reply to "The other rings"

Rings 1 and 2 were invented to run code that is "less trusted than the kernel, but more trusted than user processes", such as system software and device drivers. Consequently, some of the special operations from ring 0 are allowed in ring 2, and even some more in 1, but still not all.

It was an early attempt to make the OS kernel resistant against faulty drivers. However, in the end it was too inflexible to support all the different security schemes from various OSes, and so developers started to ignore them and implement everything in ring 0.

Another reason is of course that Unix was designed with only two privilege levels in mind and was not able to make use of four without significant re-design during porting.

There are more parts of x86 design like this, parts that were designed to support OS implementation but in the end turned out to be too inflexible. The article already mentioned call gates (for hardware-supported system call entry, and possibly inter-process communication) and task gates (hardware-supported context switching and also IPC). It did not mention that the x86 actually has a hardware-implemented process table. It was an attempt to implement half the OS in hardware, and was quickly forgotten when OSes were designed that behaved differently than the hardware implementation. Nowadays it's only there because of backwards compatibility.

Score: 2