Since we are discussing locking down our defaults, is revoking the global function execution privilege granted to PUBLIC - instead limiting it to just the pg_catalog schema - on the table?
I'm not sure how strongly I feel toward the proposal, but it does come up on these lists; and the fact that it doesn't distinguish between security definer and security invoker is a trap for the unaware.
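
The default discussed in the message above, shown as an added example that is not part of the original post: an audit query for SECURITY DEFINER functions that PUBLIC can execute, followed by the revocation. The schema `demo` and function `demo.run_as_owner` are hypothetical names, and the script rolls back everything it creates.

```sql
-- Added example; "demo" and "demo.run_as_owner" are hypothetical names.
BEGIN;
CREATE SCHEMA demo;

-- A newly created function gets EXECUTE for PUBLIC by default,
-- whether it is SECURITY INVOKER or SECURITY DEFINER.
CREATE FUNCTION demo.run_as_owner() RETURNS name
    LANGUAGE sql SECURITY DEFINER
    SET search_path = pg_catalog, pg_temp
    AS $$ SELECT current_user $$;

-- Audit: SECURITY DEFINER functions outside the system schemas
-- that PUBLIC may execute. A NULL proacl means "built-in default",
-- so it is expanded with acldefault() before inspection.
SELECT n.nspname                   AS schema_name,
       p.oid::regprocedure         AS func,
       pg_get_userbyid(p.proowner) AS owner
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
CROSS JOIN LATERAL
     aclexplode(COALESCE(p.proacl, acldefault('f', p.proowner))) AS a
WHERE p.prosecdef
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND a.grantee = 0                -- grantee OID 0 is PUBLIC
  AND a.privilege_type = 'EXECUTE'
ORDER BY n.nspname, p.proname;

-- Lock down the existing function ...
REVOKE EXECUTE ON FUNCTION demo.run_as_owner() FROM PUBLIC;

-- ... and change the default for functions the current role creates
-- from now on. This has to be the global form: a per-schema
-- ALTER DEFAULT PRIVILEGES ... IN SCHEMA only adds to the global
-- defaults and cannot take away the built-in PUBLIC grant.
ALTER DEFAULT PRIVILEGES REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;

-- Re-running the audit query here no longer lists demo.run_as_owner.
ROLLBACK;
```

Without `FOR ROLE`, `ALTER DEFAULT PRIVILEGES` affects only objects later created by the role that runs it, so each function-creating role needs its own statement.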