Adds a rule to audit vendor domains from executing programs from /system
with the exception of domains whitelisted in the rule.

Bug: 36463595
Test: Boot sailfish
Test: Run SELinuxHostTests with the tests that checks for new violators
      (without the API check) to ensure it fails for sailfish. The API
      check will allow the test to skip the check.

Change-Id: Id19f32141bceba4db4bd939394ff3ee0b3c4b437
Signed-off-by: Sandeep Patil <sspatil@google.com>