It should be off. It might fail to work if your account has no shell.
Interestingly, it's probably a pretty good idea to stop the amateurs doing this sort of thing — accessing, say,http://yoursite.com/yourscript.php?n=%3Brm%20-rf%20*is liable to delete all your files.
