Thank you for bringing up this security issue which I have to consider myself for relating data tables.
Having searched the forum I’ve found this thread: security of linked tables (Oct 2019) and a related feature request.
The following solution for choosing and giving access only to specific columns is a feature of the „accelerated tables beta“ brought by the Anvil team: choose specific columns in Acc Tables Beta (Mar 2023).
That feature prevents making extra „shadow tables“ as suggested, right?
Are there other „best practices“ for securing data tables etc. which are not obvious at first sight? I have found many hints here and there which I integrate into my anvil/python code. I am not a security expert but I know enough to know that I depend on relying on a secure infrastructure and that I am grateful for any recommendations to „harden“ code.