permission on server.xml

[mast]

Hi, one question i think
exemple we run java with user and group www
server.xml need to be readable for tomcat to work, but each user that have 
access to a tomcat account can also read it with a simple jsp code how can we 
prevent that ? (or tomcat-user.xml)