"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes:
> I discovered today that when I create a function in a schema that another
> user has "grant usage" on, they are able to execute the function even though
> I've not granted them "execute" on the function.
> Is this normal behavior (from the manual I don't believe it is)?
Yes, it is, because the default for functions is to grant PUBLIC EXECUTE
access. Revoke that if you don't want it.
regards, tom lane