Is there a way to allow Telnet/SSH yet not allow they to run processes? I had someone run a root'er on me before and I am put off on allowing access via Telnet now.

You can put restrictions on server-side processes via /etc/login.conf, but it won't really help you.

If someone can gain root access to your system once given shell access, they can gain root access once given cgi access. There is no point simply restricting shell access; you'd have to restrict everything apart from FTP and serving static web pages.

I think the solution is to improve security so that your system is not easily rootable... whatever Redhat might cause people to believe, "insecure by default" is *not* a necessary fact of life.

I was about to vote yes, but the I saw your SSH reference so I figured you included both of them in your question.