Notices

So I've been playing with SMSCON, and there seems to be a flaw: there's nothing to prevent someone who finds my phone from opening the application manager and uninstalling it. Or they might reset it to factory settings. Furthermore, the N900 is rootable, and even if I reverse SSH in and apt-get remove rootsh, there's nothing to stop them from just reinstalling it.
So what I am looking for is:

1. A way to disable certain binaries/scripts (any application managers, and the reset phone script)
2. A list of what ones to disable.
3. A way to prevent the holder of the phone from getting root while still allowing me to ssh in as root (with password).

I'm fine with a shell script or Python or whatever, as long as I can trigger it remotely.
Does anyone have any suggestions?