Please describe the scenario where someone needs to make the assumption you described and it is reasonable to expect that they are unaware that symbolic links could be changed by a third party library?
Maybe I misunderstood your argument, but /proc/[pid]/exe is a symlink in Linux 2.2 and later (so virtually all running instances of Linux today).
That said, your example doesn't make much sense to me. I'd be willing to bet a lot of money that the authors of the exploit chain you mentioned are aware of LD_PRELOAD and /etc/ld.so.conf.
