Added Redhat Enterprise release 5 support.
Requests to the /unauthenticated URL can never execute CGI programs, to provide an extra layer of security against URL escaping attacks.
Fixed XSS bugs in pam_login.cgi.
+---- Changes since 1.370 ----
+Hid the Jabber and Security Sentries modules by default, as the underlying software is no longer supported.
# Validate source directory
allmods=`cd "$srcdir"; echo */module.info | sed -e 's/\/module.info//g'`
+defaultallmods=`cd "$srcdir"; echo */module.info | grep -v jabber/module.info | grep -v sentry/module.info | sed -e 's/\/module.info//g'`
if [ "$allmods" = "" ]; then
echo "ERROR: Failed to get module list"
echo ""
afile=$config_dir/webmin.acl
rm -f $afile
if [ "$defaultmods" = "" ]; then
- echo "$login: $allmods" >> $afile
+ echo $login: $defaultallmods >> $afile
else
- echo "$login: $defaultmods" >> $afile
+ echo $login: $defaultmods >> $afile
fi
chmod 600 $afile
echo "..done"