Analogous to https://forums.whonix.org/t/whonix-gateway-user-password.
If we ignore physical isolation should we allow everyone in sudoers group (effectively for most users only user user) to run any command using sudo / kdesudo without entering a password?
This is an excellent summary of the pros and cons of disabling sudo passwords that we can add a s a reference to an FAQ should we decide to proceed:
Given X11 and LD_PRELOAD, unsandboxed programs running under a regular user account can easily become root. All these things are changing with time as flatpak and Wayland support come online. However by this point then sudoless should also be safe.