Safety of Amazon Community AMIs

tags:

amazon-ec2

views:

answers:

+2 Q:

Safety of Amazon Community AMIs

Hi,

I am working for a scientific project and would like to use the Amazon EC2 to host the same.

Now, I was going through the existing AMIs to create my own, but I found one AMI in the community list of AMIs - which fits perfectly.

My question is the following - are the community AMIs safe? Is it possible for a malicious user to create an AMI in such a way that say the usernames/passwords etc can be sent to a remote server or something? Does Amazon do any sort of checking to make sure it cannot happen?

I couldnt find the answers to these in Amazon site. I am pretty sure that you guys would have felt the same issues - could you please provide your answers?

Regards

+3 A:

The community AMIs are not especially safe - if you trust the source of the AMI, it should be okay, but if the source is an unknown entity to you, you should probably take it easy.

The AMIs basically allow you to install whatever you want in the image - you could have licensing issues or malicious software if you are not cautious in your approach to these.

I generally create my own, starting with a base image of what I want (Ubuntu) and installing what is needed.

stevedbrown 2010-03-26 17:51:13

Thank you very much Steve.I will also do the same.

Koran 2010-03-26 17:55:47

Steve, What about the official amis - https://help.ubuntu.com/community/EC2StartersGuide - these are safe, right?

Koran 2010-03-27 01:58:18

I think those would be solid - like I said, if you trust the source, they're probably okay. If it's from Ubuntu or Amazon, it seems pretty safe.

stevedbrown 2010-03-29 13:30:05

ansaurus

tags:

views:

answers:

Safety of Amazon Community AMIs

related questions