A privileged user or the owner of the process can do whatever they wish with it. There's a load of options, and basically nothing you can to to 'protect' it. However running the 'password/decrypt' as a different userid means at least it'd require root to interfere, which is about as good as you're going to get.

Same applies to injection and interfering with STDIN - root can, other users can't. (At least assuming you're not doing something particularly daft with your code).