Maybe the sqlite3_set_authorizer() interface would help to implement "cooperative protection" as oposed to "protection against hacking". It would require that "stuff to be protected" and "unprotected stuff" reside in distinct tables and/or fields and a callback that allows or denies the execution of specific actions.