
LD_PRELOAD "works as designed" but people who don't know about it often make false assumptions, leading to exploitable bugs.

One such assumption is "if /bin/foo is a trustworthy executable, then any process with /proc/pid/exe pointing to /bin/foo is trustworthy".
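The assumption above, and a defensive check that does better than looking only at /proc/pid/exe, as an added example that is not part of the HN thread. It parses /proc/pid/maps (which lists every file-backed mapping, preloaded objects included) and /proc/pid/environ, and flags shared objects mapped from outside the system library directories. The paths /bin/foo, /tmp/evil.so and the sample /proc contents are constructed for the demonstration; the "trusted" directory list is an assumption a real deployment would tune.

```python
# Added example (not from the HN thread): why /proc/<pid>/exe alone says
# nothing about what code is actually running in a process. The /proc
# contents used below are constructed sample data.
import os

# Assumption: directories from which mapped shared objects are considered expected.
SYSTEM_LIB_DIRS = ("/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/")


def parse_maps(maps_text):
    """Return the sorted list of file-backed paths mapped into a process.

    Each /proc/<pid>/maps line is: address perms offset dev inode [pathname].
    Anonymous mappings have no pathname; pseudo-paths such as [heap] start with '['.
    """
    paths = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) == 6 and fields[5].startswith("/"):
            paths.add(fields[5])
    return sorted(paths)


def preload_from_environ(environ_bytes):
    """Extract the LD_PRELOAD entries from a NUL-separated /proc/<pid>/environ blob.

    Caveat: a preloaded library can scrub its own variable from the environment
    after loading, and /etc/ld.so.preload never sets one, so an empty result
    here is not proof that nothing was preloaded. The maps view is more robust.
    """
    for entry in environ_bytes.split(b"\0"):
        if entry.startswith(b"LD_PRELOAD="):
            value = entry[len(b"LD_PRELOAD="):].decode("utf-8", "replace")
            # The dynamic loader accepts both ':' and whitespace as separators.
            return [p for p in value.replace(":", " ").split() if p]
    return []


def unexpected_shared_objects(mapped_paths, exe_path, trusted_dirs=SYSTEM_LIB_DIRS):
    """Mapped shared objects that are neither the executable nor under a trusted directory."""
    suspicious = []
    for path in mapped_paths:
        if path == exe_path:
            continue
        if ".so" not in os.path.basename(path):
            continue  # data files, locale archives, etc.
        if not path.startswith(trusted_dirs):
            suspicious.append(path)
    return suspicious


def assess(exe_path, environ_bytes, maps_text):
    """Combine the three views; 'trusted_by_exe_only' is the naive verdict the thread warns about."""
    mapped = parse_maps(maps_text)
    preload = preload_from_environ(environ_bytes)
    unexpected = unexpected_shared_objects(mapped, exe_path)
    return {
        "exe": exe_path,
        "trusted_by_exe_only": exe_path.startswith("/bin/"),
        "ld_preload": preload,
        "unexpected_libraries": unexpected,
        "trustworthy": not preload and not unexpected,
    }


def assess_live(pid="self"):
    """Run the same check against a real /proc entry; returns None where /proc is absent."""
    base = f"/proc/{pid}"
    if not os.path.isdir(base):
        return None
    exe = os.readlink(f"{base}/exe")
    with open(f"{base}/environ", "rb") as f:
        environ = f.read()
    with open(f"{base}/maps") as f:
        maps = f.read()
    return assess(exe, environ, maps)


# Constructed sample: /proc/<pid>/exe resolves to /bin/foo, yet the loader has
# also mapped /tmp/evil.so because LD_PRELOAD was set before exec.
SAMPLE_EXE = "/bin/foo"
SAMPLE_ENVIRON = b"PATH=/usr/bin:/bin\0LD_PRELOAD=/tmp/evil.so\0HOME=/root\0"
SAMPLE_MAPS = """\
55d0c2a00000-55d0c2a02000 r--p 00000000 fd:01 1310723                    /bin/foo
55d0c2a02000-55d0c2a1e000 r-xp 00002000 fd:01 1310723                    /bin/foo
7f1e3c000000-7f1e3c021000 rw-p 00000000 00:00 0
7f1e3c200000-7f1e3c202000 r--p 00000000 fd:01 393219                     /tmp/evil.so
7f1e3c202000-7f1e3c203000 r-xp 00002000 fd:01 393219                     /tmp/evil.so
7f1e3c400000-7f1e3c428000 r--p 00000000 fd:01 2097153                    /usr/lib/x86_64-linux-gnu/libc.so.6
7f1e3c428000-7f1e3c5bd000 r-xp 00028000 fd:01 2097153                    /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd5a9e0000-7ffd5aa01000 rw-p 00000000 00:00 0                          [stack]
7ffd5aa5c000-7ffd5aa60000 r--p 00000000 00:00 0                          [vvar]
"""

if __name__ == "__main__":
    print(assess(SAMPLE_EXE, SAMPLE_ENVIRON, SAMPLE_MAPS))
    print(assess_live())
```

The naive check returns "trusted" for the sample because the exe link points at /bin/foo; the maps-based check returns "not trustworthy" because a shared object from /tmp is mapped. Note that this is still only a heuristic: the allowlist of directories must match the host, and a process that has already been subverted cannot be trusted to report on itself, so such checks belong in a separate, privileged observer rather than in the program being assessed.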



Exactly, that is our thought process!

We know that this isn't anything revolutionary, but most people assume that this kind of thing can't happen, so we wrote a blog post about it.


Please describe the scenario where someone needs to make the assumption you described and it is reasonable to expect that they are unaware that symbolic links could be changed by a third-party library.


I know one example off the top of my head, but it's part of an exploit chain I haven't got around to reporting yet ;)

What's the relevance of symlinks here?


Maybe I misunderstood your argument, but /proc/[pid]/exe is a symlink in Linux 2.2 and later (so virtually all running instances of Linux today).

That said, your example doesn't make much sense to me. I'd be willing to bet a lot of money that the authors of the exploit chain you mentioned are aware of LD_PRELOAD and /etc/ld.so.conf.



