Add check to make sure the target paths are within the allowed mount directory!

Before executing any of the requests make sure that the target path provided by the client doesn't have any gotchas such as an extra trip to the parent directory of the mount point, or worse the root of the actual server's file system.

Obviously, this shouldn't happen unless there is a serious client-side bug (or the client is actually a malicious attacker).