Instead of giving additional rights to the user used for the report, you could change the way the SP is run by using EXECUTE AS [UserWithSufficientRights]
In SQL Server 2005 and above, the creator of a procedure can declaratively set the execution context of the procedure by using the EXECUTE AS keyword in the CREATE PROCEDURE, FUNCTION, and TRIGGER statements. The execution context choices are:
- EXECUTE AS CALLER - the caller of the procedure (no impersonation). This is the only pre-SQL Server 2005 behavior.
- EXECUTE AS OWNER - the owner of the procedure.
- EXECUTE AS SELF - the creator of the procedure.
- EXECUTE AS 'username' - a specific user.
So, from the above, you could create a specific user (with or without a login) and give the appropriate rights, then recompile your SP by using the "EXECUTE AS [thatuser]" DDL statement.
Here's a good document (for SQLSERVER2012) giving you more details:http://download.microsoft.com/download/8/F/A/8FABACD7-803E-40FC-ADF8-355E7D218F4C/SQL_Server_2012_Security_Best_Practice_Whitepaper_Apr2012.docx