Use shared memory segments for sharing. And for security, use data encryption in them.

If a hacker breaks in, then why shouldn't he look into "RAM" or somewhere else, since he can know about the files and the database?

Why not use databases? If you need to keep data in memory, then put memcached and that's it. Or a MEMORY table in MySQL.

If the cracker has FULL access, then he will be able to look anywhere, wherever you are saved. And why should he intercept data if he can take the finished result of the script? Even data encryption will not protect, because he will be able to view the source and find out the algorithm and key.

Script A.php

<?php
 
$params  =  "some params" ;
$result  =  shell_exec ( 'php b.php ' . $params ) ;
 
echo  "Result of B script is: " . $result ;
?>

Well, in general, this is not a task for scripting languages, because you can get the source, etc.

I'll describe what's going on, maybe it will help.
so. the user needs to transfer certain information to site A (not mine), on which he is located. this information is stored on my server in a form encrypted with the user's password.
Site A has a link to me. When pressed, 2 things happen. A JSONP request is sent to my server and the user goes to my site.
The user sets his login + password, the information from the database is decrypted, transferred to another script (!!!), a JSONP response is formed from it and everyone is happy. and here it is-!!! - I'm worried now

HTTP POST + SSL?

those. JSONP request is sent in one window and this window hangs and waits for a response until the user enters his username and password in another window?
And when the user enters his login and password, does the first “hanging” script give an answer to the user?
How will this scheme work with a large number of concurrent users? Will you have 100500 suspended scripts hanging in memory?
I don't think you got it all right. Describe specifically the task, and perhaps you will be prompted for the best solution to your problem without these perversions.
Do not think that you were the first to encounter such a problem, most likely similar problems have already been solved more than once, and you have come up with your own bicycle, which so far does not look very successful, but it is not clear what to advise because it is not clear how this scheme will be used.

“How will this scheme work with a large number of concurrent users? Will you have 100,500 suspended scripts hanging in memory? Well, 100500 is only in my dreams :) but there is a problem, I didn’t come up with anything smarter.
the task is simple: fill out a form on the donor site using the "provider". functionality of the roboform plugin for FF.
condition: on the donor only JS.

the problem is that if a hacker has access to the source code, then he can change the script in such a way that all data, wherever it is stored, will be logged when used by the script or, for example, sent to the mail to the hacker. If I were you, I would take care of protecting the server from unauthorized access and tracking changes in server scripts