If I were to setup a VPS to use along with some of my friends and family, they would expect some transparency and guarantees as to the privacy and security of the server. One of the ways to achieve it, in my mind, would be to disable root login and have every change made with administrative account be logged and emailed to everyone involved.
Do you think it is a reasonable setup and how would you go about setting one up? Which tools and procedures would you use.
The reason I’m asking is that if we want to be able to create decentralized ecosystems, they are no different from large centralized systems in terms of data privacy. In some ways it is worse because you are working with a much smaller scope.