public inbox for [email protected]  
help / color / mirror / Atom feed
From: vaibhave postgres <[email protected]>
To: [email protected]
Subject: Rendezvous variables: safe to pass an access token between two extensions?
Date: Thu, 9 Jul 2026 16:06:58 +0530
Message-ID: <CAM_eQjy8rG7yExX5JMhA3UKycWfvtw6w-x-SBV+sPmKWAmXvMA@mail.gmail.com> (raw)

Hi all,

Extension A receives an access token and needs to hand it to extension B,
which publishes a handler function via a rendezvous variable
(find_rendezvous_variable).

Since rendezvous variables are just a global, name-keyed void * with no
notion of who populated the slot, is it safe to pass a sensitive value (the
token) this way? My worry is that another loaded module could register the
same name and receive the token instead of the intended extension B.

Is there a supported way to verify the publisher of a rendezvous variable,
or is there a better way to do this? Any prior art would help.

Thanks.


view thread (2+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected]
  Subject: Re: Rendezvous variables: safe to pass an access token between two extensions?
  In-Reply-To: <CAM_eQjy8rG7yExX5JMhA3UKycWfvtw6w-x-SBV+sPmKWAmXvMA@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox