Rikard Pavelic <rikard.pavelic@zg.htnet.hr> writes:
> Is this a bug or something?
No, it's operating as designed. Per the GRANT reference page:
: Depending on the type of object, the initial default privileges may
: include granting some privileges to PUBLIC. The default is no public
: access for tables, schemas, and tablespaces; CONNECT privilege and TEMP
: table creation privilege for databases; EXECUTE privilege for functions;
: and USAGE privilege for languages. The object owner may of course revoke
: these privileges. (For maximum security, issue the REVOKE in the same
: transaction that creates the object; then there is no window in which
: another user may use the object.)
You'll need to revoke the default public EXECUTE privilege on any
functions you don't want to be callable.
regards, tom lane