Recently I've reviewed nearly 100 Xen Security Advisories (http://xenbits.xen.org/xsa/), except some bad security coding practices for any ordinary software, I found there are some specific security issues that we need to take into considerations when designing prvilieged hypervisors or privileged emulators.