however RDBMS-like databases allow permitted users connecting to the server to not just modify rows, but also structure as well.

Eh, no, unless you give out grants that way. RDBMS typically have a fine-grained permission system, defining who can see or modify what.

Wise monks, what do you suggest?

I don't understand the options. I can see a choice between "Can it" and "Linked can", but "Hijack" seems to be a different decisions. The decision to "Hijack" or not seems independent to "Can it" or "Linked can". As for the Hijack choice, I suggest using "Test::Database". If the installer wants to run test, (s)he'll have to install "Test::Database", which makes him/her configure a test database for use. This will give your tests a safe sandbox to play it. If Test::Database isn't installed, or not configured to be used with the database you require, you skip the tests.