And make it relatively painless to create plugins with more performance vs using IPC.

On the other hand if they crash or contain memory corruption bugs, the host process suffers as well.

The corollary being that you don't need to worry about breaking things when upgrading libc

Well sure, but at least for networked services (which is unfortunately a substantial fraction of the binaries on my computer) I'd happily take the security over functionality tradeoff.

If things don't work, I notice and fix it. If things aren't secure, I don't notice, get hacked, and my files get ransomed back to me.

You could have both, in theory. Ie, use static linking unless a compatible version of the library is present on disk with a higher version number at runtime.

That won't prevent the higher version from breaking your application.

In theory it could, simply remove the newer version and the app uses it's internal library again.

Or alternatively, like LD_PRELOAD, just have an env variable; LD_DONT_PRELOAD. Though that would make it more complicated.