The reason I am asking is because chkrootkit will always ...

ExtUtils::Installed provides a standard way to find out what core and module files have been installed. It uses the information stored in .packlist files created during installation to provide this information. In addition it provides facilities to classify the installed files and to extract directory information from the .packlist files.

Patching chkrootkit is not really an option, because you would open a door for an attacker, who could hide stuff explicitly in .packlist . On the other hand, if you delete your .packlists and one pops up later on a chkrootkit run you would know that either someone has installed or updated a Perl package, or your system may have been compromised. From the chkrootkit FAQ:

8. chkrootkit is reporting some files and dirs as suspicious: `.packlist', `.cvsignore', etc. These are clearly false positives. Can't you ignore these?

Ignoring some files and dirs could impair chkrootkit's accuracy. An attacker might use this, since he knows that chkrootkit will ignore certain files and dirs.

Anyway, if only the mentioned ExtUtils::Installed will cease to function, I think I could live with that. Unless of course, this would have side effects for example in CPAN.pm

So, let's rephrase my orginal question: can I, or can I not, live without ExtUtils::Installed?

If knowing what .packlist files are for is not enough information I can't help you. How am I supposed to know if you can live without ExtUtils::Installed (I can't)?

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"

I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).

** The third rule of perl club is a statement of fact: pod is sexy.