Trojan Horses in ORACLE 6 SQL*net connections

From: Andrew Jones (lrpr_at_unb.ca) <LRPR_at_UNB.CA>
Date: Tue, 14 Sep 1993 15:52:15 GMT
Message-ID: <14SEP93.12820706.0223_at_UNBVM1.CSD.UNB.CA>


    I am currently researching security measures for a client/server ORACLE 6 application. The server is running on an Intel Unix platform, while the clients are DOS-based.

    Some of our users will be dialling in using DCA's RLN (Remote Lan Node) product. For performance reasons, we must have the .FRM files resident on their PCs. It has occurred to me that a user could conceivably, if they were to have access to the ORACLE tools (certainly not unlikely, considering our user community), write their own form and replace our .FRM file with theirs; after our security checks have run at sign-on time, the application (in Menu/Forms) would call their form instead of our own, and then they could do various peeking and mischief in the database.

     We were thinking of having the menu system check a return code from each form it calls to be sure that it was a valid application form; if not, the security administrator would be notified and the user kicked out. BUT, if the user was slick enough, could they disassemble the valid .FRM file and discover the necessary return code/global variable, thus completing the masquerade by their Trojan Horse? Lest it seem we are being paranoid, this is a system with a great deal of valuable financial data in it, and we must take every practicable safeguard. Is there a disassembler out there for .FRM files, which would let them discover the proper "handshake"?

   BTW, I plan to publish a posting on our final security sol'n; I would like to thank here all those who have responded to my earlier questions. Andrew Jones, NB GIC.

  Andrew Jones (LRPR_at_UNB.CA) "##include <standard disclaimer>"



| "Give up, Earthlings! Your superior |
| intelligence is no match for our puny |
| weapons!" |
| (The Simpsons' Halloween II Aliens) |
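The return-code check proposed in the post, modelled as an added example (not Oracle code and not part of the original thread): a menu that trusts a constant handed back by the form accepts a replacement form that has learned that constant, whereas a privilege table enforced on the server side rejects the replacement form's extra query no matter what it returns. Table names, roles and the constant are constructed for the illustration.

```python
# Constructed sample data standing in for the database.
TABLES = {"ACCOUNTS": [("A1", 1500.0), ("A2", 82000.0)],
          "AUDIT_LOG": [("A1", "login")]}

# What each role may do; this is checked on the server, not in the form.
GRANTS = {"clerk": {("ACCOUNTS", "SELECT")},
          "admin": {("ACCOUNTS", "SELECT"), ("AUDIT_LOG", "SELECT")}}

VALID_FORM_CODE = "APPFORM-OK-42"   # constant embedded in every genuine .FRM


class Server:
    """Minimal stand-in for the database: enforces GRANTS and records refusals."""

    def __init__(self, role):
        self.role = role
        self.denied = []          # refused (table, op) pairs; the DBA's detection point

    def query(self, table, op):
        if (table, op) not in GRANTS[self.role]:
            self.denied.append((table, op))
            raise PermissionError(f"{self.role} may not {op} {table}")
        return TABLES[table]


def legit_form(server):
    """The application's own form: reads only what it is meant to read."""
    server.query("ACCOUNTS", "SELECT")
    return VALID_FORM_CODE


def trojan_form(server):
    """Replacement form that knows the handshake and tries one extra table."""
    try:
        server.query("AUDIT_LOG", "SELECT")
    except PermissionError:
        pass                      # refused by the server, whatever the form returns
    return VALID_FORM_CODE


def run_session(form, role):
    """Apply the post's menu-side check; return (menu accepted?, server refusals)."""
    server = Server(role)
    accepted = form(server) == VALID_FORM_CODE
    return accepted, server.denied
```

Running both forms under the "clerk" role shows the menu check passing the replacement form while the server still refuses its extra read; under an over-privileged "admin" role the server refuses nothing, so the grants, not the handshake, are what limit the damage.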

Received on Tue Sep 14 1993 - 17:52:15 CEST
