Now, let me throw a wrench into the machine...
On occasion, a user might need a special preference. It's happened to me, where the task at hand needed a special preference and it was revisited an a number of occasions over a period of days or weeks. Being unable to save that preference would annoy me at the least and impact my efficiency at the worst.
So consider if you really want them no never have access and if you do, develop a methodology to allow them to make their own preferences and if they prove useful for other tasks, become part of the standard.
There is a copy preference tool that would allow you to merge users custom preferences from other XIN files back into the "master" XIN file.
The simple solution is a workflow where by default, they get the master XIN read only. Then, if they need to create and save their own custom preference, they save the master to a standard location - preferably on the server where you can get to it for merging if and when that is necessary. When they don't need the custom preference, they continue to use the standard. And periodically, they share with everyone their custom preference and how it was needed and used and then, if it really is something others could use, you merge it into the master and they can delete their custom XIN, until they need to make another custom preference.