chrschy/fact-finder

avoid database corruption

Closed this issue · 1 comments

The generated Cypher queries might cause changes to the database.
This should be prevented by managing the rights associated with the credentials used by the system.

TODO:

  • In the PrimeKG Neo4j Docker image, set these rights accordingly.
  • Possibly, include the following warning from LangChain in our readme:

    *Security note*: Make sure that the database connection uses credentials
    that are narrowly-scoped to only include necessary permissions.
    Failure to do so may result in data corruption or loss, since the calling
    code may attempt commands that would result in deletion, mutation
    of data if appropriately prompted or reading sensitive data if such
    data is present in the database.
    The best way to guard against such negative outcomes is to (as appropriate)
    limit the permissions granted to the credentials used with this tool.

    See https://python.langchain.com/docs/security for more information.

For now, this has been solved by adding the flag `--env NEO4J_server_databases_default__to__read__only=true` to the `docker run` commands in the readme.
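
A complementary check, as an added example that is not part of this issue thread or the fact-finder code: a pre-execution guard that rejects generated Cypher containing write-capable keywords before it is sent to Neo4j. It supplements the read-only database setting and narrowly scoped credentials and does not replace them; the function names and sample queries are constructed for illustration.

```python
import re

# Keywords that start Cypher clauses or commands able to change data, schema
# or privileges. CALL and LOAD are listed conservatively: a procedure may
# write, and this check cannot look inside it.
WRITE_KEYWORDS = frozenset({
    "CREATE", "MERGE", "DELETE", "SET", "REMOVE", "DROP", "FOREACH",
    "CALL", "LOAD", "ALTER", "RENAME", "GRANT", "DENY", "REVOKE",
})

# Quoted strings, backtick identifiers and comments are blanked out first so
# that a keyword inside them is not mistaken for a clause.
_QUOTED_OR_COMMENT = re.compile(
    r"""'(?:\\.|[^'\\])*'    # single-quoted string
      | "(?:\\.|[^"\\])*"    # double-quoted string
      | `(?:``|[^`])*`       # backtick-quoted identifier
      | //[^\n]*             # line comment
      | /\*.*?\*/            # block comment
    """,
    re.VERBOSE | re.DOTALL,
)
_WORD = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def write_keywords(query: str) -> list[str]:
    """Return write-capable keywords found outside literals and comments."""
    bare = _QUOTED_OR_COMMENT.sub(" ", query)
    found = []
    for word in _WORD.findall(bare):
        keyword = word.upper()
        # Fails closed: a label or variable named like a keyword is flagged too.
        if keyword in WRITE_KEYWORDS and keyword not in found:
            found.append(keyword)
    return found


def require_read_only(query: str) -> str:
    """Return the query unchanged, or raise if it could modify the database."""
    hits = write_keywords(query)
    if hits:
        raise ValueError(f"refusing generated Cypher, write keywords: {hits}")
    return query


if __name__ == "__main__":
    # Constructed sample queries, not output from the project.
    for q in ("MATCH (d:drug)-[:indication]->(x:disease) RETURN d.name",
              "MATCH (n) WHERE n.note = 'please DELETE me' RETURN n",
              "MATCH (n) DETACH DELETE n"):
        print(write_keywords(q) or "read-only", "<-", q)
```

Because the guard only inspects keywords, it rejects some harmless queries (for example any `CALL`), which is the intended fail-closed behaviour.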