If it's unlikely that someone would hack on the DB directly, then I don't see that you need an authorizer at all. Your application can simply mark the DB as "not editable" and then refuse to let someone edit it. If you install an authorizer atop that, what stops the end user from patching the authorizer call out? Are you depending on the dubious protection of a compiled binary-only program, or what? Please precisely define your threat model.