I'm using Apache as my web server.
When installing Magento, would there be any benefit (security or anything else) from installing Magento on say "/var/www/html/m2/magento2" rather than "/var/www/html/magento2"?
Yes there is a major difference in these path as you mentioned below.
That path you will get, when you clon the repo of your project from bitbuckit or Git.
That path, usually we do set manually, when we are upsetting our magento instance
Most likely, the first one i'll do prefer you, because you as per security and error during installation, this is the way clean and proper way to locate your directory once
There are different approaches to improve the security, the approach you have mentioned which is using sub-directory, moreover you can change the default served path from
and modify the env.php by add the following node
'directories' => [ 'document_root_is_pub' => true ]