QSaveFile follows symlinks unconditionally since https://codereview.qt-project.org/c/qt/qtbase/+/86396, but this is not always the desired behaviour.

When writing files to a disk cache, e.g., following symlinks out of
the cache directory is not needed; doing it nonetheless could pose a
security risk (by leveraging any elevated permissions the user of
QSaveFile may have over someone that can just create files in the
cache dir).

QTemporaryFile is not a replacement, because its rename() method
refuses to overwrite existing files. So Qt API doesn't have a way to
express the classical Unix pattern of mktmp + mv to safely escape
symlink attacks (see also the old bug-report QTBUG-2082, which I
reopened as a result).

So, we should add a mode to QSaveFile that makes it not follow symlinks. We might also want to add a variant of QTemporaryFile::rename() that does overwrite.