I find it is extremely hard to believe Red Hat enables this feature by default. It is not because of security paranoia, but it is simply critical, very bad practice and should be avoided at all cost. The best practice of course is to allow ssh access from unprivileged users only, and then if needed, he can su to become root.
*** This bug has been marked as a duplicate of bug 89216 ***