What happens if you try it with two ids? I suspect it will not work.
A possible workaround could be to create a custom profile field, hide it from users, and put the report name or some other secret value there and do the permission to match that. In effect, that creates a group that can run designated reports.