rule(Read sensitive file untrusted):google_oslogin

Related to https://github.com/GoogleCloudPlatform/guest-oslogin, full
cmdline is google_oslogin_control.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>

rules/falco_rules.yaml

@@ -1492,7 +1492,9 @@
     and not proc.name in (user_mgmt_binaries, userexec_binaries, package_mgmt_binaries,
      cron_binaries, read_sensitive_file_binaries, shell_binaries, hids_binaries,
      vpn_binaries, mail_config_binaries, nomachine_binaries, sshkit_script_binaries,
-     in.proftpd, mandb, salt-minion, postgres_mgmt_binaries)
+     in.proftpd, mandb, salt-minion, postgres_mgmt_binaries,
+     google_oslogin_
+     )
     and not cmp_cp_by_passwd
     and not ansible_running_python
     and not proc.cmdline contains /usr/bin/mandb