Our general policy is not to give customers access to anything in their clusters beyond a deployment method, and sometimes shell access to a development/staging server that is isolated from the rest of their infrastructure. We find that we can keep everything running in a consistant state when all changes and requests are funneled through us, and the customers have limited capability toward hijinks.
I do realize that our model is quite different from what is otherwise referred to as "managed hosting". I'm curious to find out what level of access other managed hosting providers give their customers? Do you give customers root access? Shell access? Do you only give them deployment access as well as some sort of a control panel?
For our managed dedicated clients, we do not give out root access unless it's absolutely necessary. They can use SSH as a normal user, and they have a control panel to manage their websites/email/db's, etc...
For everything else we control it, which makes their server more stable, and allows us to actually manage the server and be pro-active instead of reactive to things caused by the client.
So at least I'm not the only one. I had a customer recently turn us down because we don't give out shell access, and he seemed rather appalled by it. In general we've found that since we switched to the model of only letting customers upload content & code, that reliability and manageability has increased greatly.