[Merge to M59] Whitelisted clipboardRead Permission

chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc

Index: chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc
diff --git a/chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc b/chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc
index 998c7cdd5ad3c6ed820d5d8e667dd9ec81c2a4a9..a5c461bc871fed77bc58a4d24e6f3d056cd4b2d0 100644
--- a/chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc
+++ b/chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc
@@ -433,10 +433,9 @@ const char* const kSafePermissionStrings[] = {
 
     "certificateProvider",
 
-    // This is risky, but blocking extensions just because they declare
-    // clipboardRead is unfortunate. Options: (1) Make clipboardRead return
-    // empty string (2) confirmation dialog.
-    // "clipboardRead",
+    // clipboardRead is restricted to return an empty string (except for
+    // whitelisted extensions - ie. Chrome RDP client).
+    "clipboardRead",
 
     // Writing to clipboard is safe.
     "clipboardWrite",