Validate that data_dir is an existing directory suitable for read-only
snapshot serving, without mutating it. Unlike create_data_dir_secure
this never creates the directory and never calls set_permissions: a
read-only open must leave the directory byte-for-byte unchanged. It only
confirms the path exists and is a directory; the actual read access is then
proven by opening the catalog and heap files read-only.