[Security:low] Restricted users can edit conf by using default route
Concerned version
Version: %2.0.5
Platform: Nginx/Apache
Summary
By using default route http://manager.example.com/manager.psgi (Nginx) or http://manager.example.com/manager.fcgi restricted users (like 'rtyler' here) can modify and save a configuration.
Possible fixes
Append an option in lemondap-ng.ini / Manager section to set default enabled module (viewer by default). Not authorized users will be redirected to Viewer.