Finding split from #809 per @bensig's review request.
Summary
MEMPALACE_PALACE_PATH (and legacy MEMPAL_PALACE_PATH) from the environment is returned as-is from Config.palace_path, without os.path.expanduser() or os.path.abspath(). The sibling --palace CLI path gets abspath() applied at mcp_server.py:62, creating an inconsistent normalization boundary.
Affected version
v3.3.3 — verified against develop @ 8ac98f0, file mempalace/config.py:167-172.
Reproduction
    export MEMPALACE_PALACE_PATH='~/palace/../../etc/mempalace'
    python -c "from mempalace.config import get_config; print(get_config().palace_path)"
    # Prints: ~/palace/../../etc/mempalace (literal, with tilde and ..)
vs. the CLI arg, which gets normalized at the MCP entry point:
    python -m mempalace --palace '~/palace/../../etc/mempalace'
    # Resolves to /etc/mempalace
Impact
Low — post-auth local issue. An attacker who can set environment variables on the target user's session (shell profile injection, direnv, an .envrc committed accidentally, a compromised parent process) can redirect palace storage to an unexpected location. Also breaks user intuition — ~ is not expanded and relative segments are not collapsed, so the stored path can silently point somewhere other than the user expects.
Suggested fix
In mempalace/config.py:
    @property
    def palace_path(self):
        env_val = os.environ.get("MEMPALACE_PALACE_PATH") or os.environ.get("MEMPAL_PALACE_PATH")
        if env_val:
            return os.path.abspath(os.path.expanduser(env_val))
        return self._file_config.get("palace_path", DEFAULT_PALACE_PATH)
Happy to submit a PR.
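An added sketch, not mempalace's own code, of closing the normalization gap described above by routing every source of the palace path through one normalizer and reporting values that were rewritten. The function names, the CLI-over-env-over-file precedence and the default path are assumptions made for illustration; only the two environment variable names come from the issue.

```python
import os

ENV_VARS = ("MEMPALACE_PALACE_PATH", "MEMPAL_PALACE_PATH")  # names from the issue
DEFAULT_PALACE_PATH = "~/.mempalace/palace"  # placeholder, not the project's default


def normalize_palace_path(raw):
    """Expand ~ and collapse '.'/'..' into an absolute path.

    abspath() is lexical only; it does not resolve symlinks.
    """
    return os.path.abspath(os.path.expanduser(raw))


def candidate_sources(cli_value=None, environ=None, file_config=None):
    """List (source, raw) pairs in the assumed order: CLI, env vars, config file."""
    environ = os.environ if environ is None else environ
    pairs = [("--palace", cli_value)]
    pairs += [(name, environ.get(name)) for name in ENV_VARS]
    pairs.append(("config file", (file_config or {}).get("palace_path")))
    return [(src, raw) for src, raw in pairs if raw]


def resolve_palace_path(cli_value=None, environ=None, file_config=None):
    """Return (source, path); every source goes through the same normalizer."""
    found = candidate_sources(cli_value, environ, file_config)
    source, raw = found[0] if found else ("default", DEFAULT_PALACE_PATH)
    return source, normalize_palace_path(raw)


def non_canonical_sources(cli_value=None, environ=None, file_config=None):
    """Report sources whose raw value differs from its normalized form,
    so a startup log can show when a path was rewritten."""
    return [
        (src, raw, normalize_palace_path(raw))
        for src, raw in candidate_sources(cli_value, environ, file_config)
        if raw != normalize_palace_path(raw)
    ]


if __name__ == "__main__":
    # Constructed sample values, not taken from a real environment.
    env = {"MEMPAL_PALACE_PATH": "~/palace/../data"}
    print(resolve_palace_path(environ=env))
    print(non_canonical_sources(environ=env, file_config={"palace_path": "/srv/palace"}))
```

Logging the output of `non_canonical_sources` at startup makes an environment-supplied redirect visible instead of silent.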