A lightning node is just a server. The keys to your node’s liquidity are stored on that server by default.
0/5: hosted with a datacenter company that you’ve never heard of or has no reputation yet (someone likely has access to your keys)
1/5: hosted with a datacenter company like AWS with a lot of reputation – employees have permissions, protocols, etc to protect your data, but yes, you are still trusting that AWS won’t sweep your wallet.
2/5: hosted with a datacenter company that specializes in LN node hosting – many of them are just using AWS but at least you get better tooling, and customer support
3/5: hosted on a linux server in your primary residential space
4/5: hosted on a linux server in a secure location you control away from your primary residence (like a business location you own) – at some level, its better to sleep far away from your node and rest assured that there is 24/7 security watching over your node.
5/5: hosted in a distributed server cluster across multiple physical secure locations you own (aka, you are a datacenter like AWS but you control the entire stack)
Even if you have sole signing authority (you are the only person who has access/control over the keys), there are still lots of ways to shoot yourself by mishandling funds in the Lightning Protocol.