[FIX] RSS portlet lists administrative parameters in the browser

The following parameters have the old <security role="admin"/> constraint
which, of course, does not work with the new security model. Probably need to
review other portlets possibly secured using the old method. Might as well
remove the permissions (close,maximize,view,etc) from the permission table to
avoid confusion.