[docs] [issue25255] Security of CPython Builds
report at bugs.python.org
Mon Sep 28 18:52:22 CEST 2015
Steve Dower added the comment:
Basically through trusting the people who produce the builds.
You can also verify the hg changeset by looking at sys.version and matching it to the tagged release. If there are any differences between the tagged commit and the one used to build, there will be a "+" in the version (though honestly, there are ways to avoid showing that if someone really wants to hide it, so it isn't a guarantee).
Python tracker <report at bugs.python.org>
More information about the docs