Why can’t the attacker with db access drop the trigger?
You could (and should) run with minimal permissions which would exclude DDL.
You could (and should) run with minimal permissions which would exclude DDL.