Yes, I've actually been wrestling with these thoughts myself for a while now. It all started as a way to practice applets and learn AWT/Swing. Once I realized the security risks I decided to see if I could find out a way to prevent "malicious use" of the database but since it's client side code it's near impossible to prevent.

Nothing like a near impossible challenge, eh?