You can make sudo password-less for a single command (including using specific arguments) though, so even if using sudo were the only solution, it wouldn't be that bad. For example, I have a sudoers entry that allows my user to decrypt my ZFS pool by executing a root-owned script (with permissions 700), but everything else requires a password.