To add to this, in case of any remaining confusion. You can implement your own execve in userspace. [0] But the kernel's execve is a piece of machinery that invokes the loader so obviously it follows that you're free to make any changes you'd like to the overall process.

Bonus points if you add compression or encryption and manage to trip a virus scanner or three. [1]

[0] https://grugq.github.io/docs/ul_exec.txt

[1] https://blackhat.com/presentations/bh-usa-07/Yason/Whitepape...