In this circumstance, access should be clearly separated into roles at different levels. When hosting a web application a separate password and user should be used for database access by the web application. The web application should never have root access to any other domain. In a similar way, real world users should be divided into roles and categories and non-should be granted full root access.
All passwords should be strong and secure - reference the section on strong passwords for further infromation [strong passwords | strong passwords].
==Shared Hosting==