a few people share a computer and they only ssh in to their own web servers.
meaning they open up a terminal on the shared computer
and they type
ssh theirsite.com -l theirID
now they are able to access their web terminal. while connected to their server through the ssh terminal, is it possible for them to try downloading or uploading or can do something through the ssh terminal that could damage the computer ?
They are on the (local) computer, so they can damage it. They can probably hit it with a hammer too since it's right there in front of them. What are you asking?
Can they use SCP or FTP from a terminal in SSH? Yes. What wouldn't they be able to do? If X windows is available they could start a complete KDE session over SSH and have a whole new desktop (remote) and it's the same as if they were on a local CRT screen over at the colo where the server is located.
for the scenario they can only access the terminal. they cannot click outside. basically, its like starting your linux computer in recovery mode with networking. you just have the terminal. the only command you can run is ssh yoursite.com -l login.
I'm still guessing what "computer" you are talking about, I ASSUME you mean the local one being somehow damaged.
There are commands in SSH where you can open a local port and forward it, oh what fun you might have with that. I could telnet (or whatever) into the local machine's port (sort of backwards) and bypass any firewall since it thinks I am local.
Depending on how SSH is set up you could use the "~C" terminal command to execute a local command.
You should read the man page for SSH, it's pretty powerful. I'm not sure why you are asking all this. If it's a windows machine, have fun trying to lock people out from doing nasty stuff like dropping to DOS, inserting a USB drive or something.
I would be very careful assuming you are safe letting unknown people access your local machine, if that's what you were talking about.
If you have a custom compiled SSH client or in FreeBSD, I believe you can disable certain features when configuring i.e. ./configure --disable-FEATURE , perhaps you can disable reverse tunneling so the local terminal will not be able to open local ports.