TftpServerState.serverInitial: prevent access to prefix-sharing siblings of tftproot

[risicle]

Ok, I couldn't take it any longer. Here's the fix for #110.

Along with it I fleshed out the tests around permitted and disallowed request paths so that we have examples of absolute and relative requests for each. I really needed to go the extra step here and create a dummy populated root directory. Simply using files that happened to be hanging around the source tree would be too liable to accidental breakage from coincidental moves or renames. And such breakages would likely be silent because pretty much every failure just raises a TftpException. And a test asserting a TftpException is raised doesn't know/care whether it's because of a permissions failure or a "file not found" failure.

[msoulier]

Thanks, I'll look at pulling this in soon.