It is dangerous when working with security definer functions that the pgAdmin3 script creator does not include a "revoke from public" for functions with e.g. ACL postgres=X/postgres (at least in version 1.10.1). If you use this script to copy a function definition, then you will get public execute granted to that function.
pg_dump adds a revoke from public in this case. Is this missing revoke in pgAdmin3 intentional or was it forgotten?
KP Lehre