I'm slightly mystified as to how including the word "online" helps here. It's unlikely that there will be an offline_backup permission, because if the system is off-line, SQL-level permissions are irrelevant.
I'm certainly open to recommendations on this one. Initially, BACKUP was proposed, but based on the discussion, it is unacceptable. As mentioned, the documentation for the affected functions refer to starting/stopping an 'on-line backup', hence the current proposal. I feel like it is obviously more in line with the documentation and removes the ambiguity in what 'type' of backup it allows, as that seemed to be one of the major concerns of just using BACKUP. However, I could certainly understand if there was a confusion on the terminology of 'online' vs 'offline' if those are not regularly used terms or concepts. At any rate, I'll certainly continue to give this one thought, but I wouldn't mind any recommendations/suggestions anyone was willing to throw my way.
> * LOG - allows role to rotate log files - remains broad enough to consider > future log related operations
Maybe LOGFILE? Only because some confusion with the LOG message level seems possible; or confusion about whether this is a permission that lets you log things.