I think it's reasonable to run the "chmod" linter on everything, including the global excludes, but I can't currently do it without duplicating all the global excludes as local excludes.

Some good/bad approaches that come to mind:

Make arc lint scan all subdirectories for .arclint (even those excluded by the root .arclint):

root
|-- .arclint      <- excludes root/vendor/
`-- vendor
    `-- .arclint  <- chmod linter

Then I could put the chmod linter right into the excluded subdirectory.

Allow linters to be grouped, with the excludes applying to the group:

{
  // Arbitrary group names
  "all-files": {
    "linters": {
      "chmod": {
        "type": "chmod"
      }
    }
  },
  "our-files": {
    "exclude": [
      "(^vendor/)"
    ],
    "linters": {
      // All other linters
    }
  }
}

The grouping could be done any number of ways, including, for instance, using an array at the top level: [{"exclude":...,"linters":...}, {...}].

New .arcconfig syntax to override global excludes at the linter level:

{
  "exclude": [
    "(^vendor/)"
  ],
  "linters": {

    // Exclamation!!
    "chmod": {
      "type": "chmod!"
    },

    // Some sort of a "global" property
    "chmod": {
      "type": "chmod",
      "global": true
    },

    // Let "includes" override the global excludes
    "chmod": {
      "type": "chmod",
      "include": [
        "(^vendor/)"
      ]
    }

  }
}

This is arguably the worst idea, but I mention it for the sake of completeness.