Fix pathlib Path wrapping to use concrete platform path type

[seanwevans]

Motivation

• The sandboxed pathlib.Path subclass previously inherited from module.Path, which can be an abstract class and may not match the concrete platform-specific Path implementation, causing platform-specific behavior regressions.
• The goal is to preserve Path semantics across platforms while retaining sandbox enforcement for file operations.

Description

• Change the sandbox wrapper to derive SandboxedPath from the concrete runtime path class using type(module.Path()) instead of module.Path to preserve platform-specific behavior.
• Preserve the existing open() override on SandboxedPath, which continues to apply io.text_encoding() for text modes and delegates to _blocked_open(...) with the same argument flow.
• Replace mod.Path with the new SandboxedPath in the pathlib branch of _wrap_module() in pyisolate/runtime/thread.py.
• Add a regression test test_pathlib_path_read_text_respects_fs_policy in tests/test_policy_enforcement.py that imports pathlib inside the sandbox and asserts Path(...).read_text() under allowed and blocked filesystem policies.

Testing

• Ran pytest -q tests/test_policy_enforcement.py::test_pathlib_path_read_text_respects_fs_policy tests/test_policy_enforcement.py::test_policy_import_and_fs tests/test_thread_imports.py and all tests passed (5 passed).
• The new regression test exercised both allowed and blocked reads and behaved as expected under policy enforcement.
• Cross-OS CI matrix validation (Windows + POSIX) was not executed in this container, but the change uses the concrete Path type and the test is written to be OS-portable for CI runners.

---

Codex Task